This article addresses an issue where login attempts using a new Custom Social Connection fail with an InternalOAuthError: Failed to obtain access token error.

• Custom Social Connections
• OAuth2 Authorization Code Grant flow

The error occurs when Auth0, after receiving an authorization code from the social Identity Provider (IdP), fails to exchange that code for an access token at the IdP's token endpoint. This failure is typically caused by a long response time from the social IdP's token endpoint, which exceeds the timeout threshold. 

After the user login via social IdP successfully, the social IdP sends the code and state back to Auth0 on the /login/callback endpoint. This can be confirmed from reviewing the network requests in a HAR file:

To resolve this issue, the performance of the social IdP's token endpoint must be addressed.

1. Isolate the Issue: Test the social IdP's token endpoint directly using a cURL command or a similar tool to measure the response time. This helps determine if the issue is with the IdP and not with the Auth0 service. 
   
   
2. Contact the IdP: If the response time from the IdP's token endpoint is excessively long, contact the social IdP's support team to report and resolve the performance issue.