APIs & Integrations


OAuth2 callback being invoked 2 times due to captcha

Hello Team, I'm integrating Auth0 (an OAuth2 provider) with Hubspot via the OAuth2 route. However, a captcha verification in the middle of the authorization workflow is invoking the callback back to Auth0 2 times with different codes. The first callback stays pending until I have clicked on the captcha, after which the callback gets canceled and a new callback gets initialized.

Since Auth0 (or any OAuth2 provider) embeds a state parameter to ensure security, the final callback is getting rejected. Any idea/suggestions on:

A. Why is the first callback request staying in the pending state?
B. How to avoid the second callback altogether?



3 Replies 3

OAuth2 callback being invoked 2 times due to captcha

Hello Teun, thank you for responding. The authentication flow is being triggered from a website, yes. This is the sequence of events that are happening.
1. We send the "authorize" request to the Hubspot endpoint: 


2. Next up, I choose my account and log in. However, as you can see, the first callback request has already started.


3. Then the Captcha comes up, while the earlier callback request is ongoing


4. Finally, when I complete the captcha, the second callback request is sent and the earlier callback has been canceled. However, since the state parameter in both the callback is the same with different authorization codes generated by Hubspot, the OAuth2 server also rejects the second callback.


Callback #1 (canceled after completing the captcha): https://sybill-dev.us.auth0.com/login/callback?code=2f959928-07f2-4a5b-91a2-7e98c82808e3&state=xSy1H...
Callback#2 (rejected by our server because of the earlier callback): https://sybill-dev.us.auth0.com/login/callback?code=65563eea-4918-4271-a4fe-93a85f89eb5c&state=xSy1H...



Please let me know if there's anything else that I can provide to help you understand this error. Any help will be highly appreciated.



Recognized Expert | Diamond Partner
Recognized Expert | Diamond Partner

OAuth2 callback being invoked 2 times due to captcha



Need a bit more info here, where are you trying to implement this? Are you building some kind of web app on HubSpot with React?

Did my answer solve your issue? Help the community by marking it as the solution.
HubSpot Product Team
HubSpot Product Team

OAuth2 callback being invoked 2 times due to captcha

@Teun , any thing strike you here?



HubSpot Community Developer ShowMake sure to subscribe to our YouTube channel
where you can find the HubSpot Community Developer Show