Ask AI is now on the home page — ask a question and get a sourced answer from the Ory docs. You'll also find it in the bottom-right corner of any page.

Skip to main content

Troubleshooting

📄️ Invalid courier URL

If you get an error that points you to this document, it means that your email configuration (SMTP URL) is incorrect. The most

Learn more

📄️ CSRF troubleshooting

When you get 401 Unauthorized or 400 Bad Request responses when your application sends requests to Ory Identities APIs, it is

Learn more

📄️ Actions troubleshooting

This document describes common issues with Ory Actions and how to solve them.

Learn more

📄️ Wrong domain in magic links

After updating their custom domain, some users reported an error that caused the verification emails to come with magic links

Learn more

📄️ 72 character limit for BCrypt hashed secrets

BCrypt hashed passwords and secrets have a 72 character limit. This is a limitation of the BCrypt algorithm and the Golang BCrypt

Learn more

📄️ Social sign-in troubleshooting

Redirect loops after registration

Learn more

📄️ Troubleshooting iframes

Iframes can pose a significant security risk for authentication services due to many attack vectors such as clickjacking, iframe

Learn more

📄️ OAuth2 JWT Profile

If you're experiencing issues on Ory Network related to the required audience for the

Learn more

📄️ OIDC requires `redirect_uri`

Starting no sooner than August 1st, 2024, Ory Network will enforce the inclusion of redirect_uri in OpenID Connect flow

Learn more

📄️ WebAuthn / PassKeys SecurityError

Relying party ID mismatch

Learn more

📄️ Account linking response code

Starting no sooner than April 13, 2025, Ory Network will return a 400 Bad Request instead of a 200 OK when a user signs up

Learn more

📄️ Google One Tap fails

If you receive an error such as

Learn more

📄️ Identity Provider Integration Settings

Overview

Learn more

📄️ SDK V1 upgrade guide

We are excited to announce the release of version 1.0 of Ory's Software Development Kits (SDKs) for all major languages. As part

Learn more

📄️ OAuth2 first aid

Spec-compliant OAuth 2.0 and OpenID Connect is hard. Let's take a look how to resolve certain issues.

Learn more

📄️ Logout not working

Sometimes, calling /oauth2/sessions/logout doesn't behave as expected, for example:

Learn more

📄️ Client auth fails

There are multiple ways of authenticating OAuth 2.0 Clients at the /oauth2/token:

Learn more