recently our klaviyo oauth token requests have been failing
Klaviyo req IDs (all returned 500):
639b8736-bf1b-4e1b-868f-24b6aaad3de4 (2026-05-27 18:27:54 UTC)
8cc4f113-3071-4a67-9d0e-f4ec48720353 (2026-05-27 18:49:02 UTC)
807f10f3-3e81-490f-8dd1-fe0bd421492e (2026-05-27 18:51:45 UTC, manual curl)
Same /oauth/token endpoint returns clean invalid_grant for an obviously-bad code, but 500 server_error for valid codes from this app
this previously worked with no known changes on our end.
P.S. it would be nice if you opened email support for developer teams :)
Solved
Oauth Outage?
Best answer by ArpitBanjara
Hey
This may or may not fix your issue, however I do have suggestions on what you should check once on your end,
The token URL should be https://a.klaviyo.com/oauth/token, not https://www.klaviyo.com/oauth/token. Requests to the www subdomain will fail or behave unpredictably. If you've been using that split setup that's circulated in the community (authorize on www, token on a), that's fine,, but double-check the token endpoint specifically.
Also verify that your client credentials are still valid by checking your OAuth app settings. A mismatch between client ID and secret,, or a recently rotated secret, can produce exactly this kind of inconsistent 500 at the token generation stage.
I also feel this could be account-level or app-level flag on Klaviyo's end. I would suggest creating a ticket with klaviyo support and include all three req IDs plus the timestamps. tagging
I hope this helps and thank you for sharing your question here in the community.
Cheers,
Arpit
+37Hey
This may or may not fix your issue, however I do have suggestions on what you should check once on your end,
The token URL should be https://a.klaviyo.com/oauth/token, not https://www.klaviyo.com/oauth/token. Requests to the www subdomain will fail or behave unpredictably. If you've been using that split setup that's circulated in the community (authorize on www, token on a), that's fine,, but double-check the token endpoint specifically.
Also verify that your client credentials are still valid by checking your OAuth app settings. A mismatch between client ID and secret,, or a recently rotated secret, can produce exactly this kind of inconsistent 500 at the token generation stage.
I also feel this could be account-level or app-level flag on Klaviyo's end. I would suggest creating a ticket with klaviyo support and include all three req IDs plus the timestamps. tagging
I hope this helps and thank you for sharing your question here in the community.
Cheers,
Arpit
Good points raised above. I’d just re-check the OAuth token endpoint (https://a.klaviyo.com/oauth/token) and confirm the client ID/secret haven’t been rotated. If everything is correct and the 500s persist, it’s very likely something on Klaviyo’s side—worth escalating to support with request IDs and timestamps.
Log in to the Community
Use your Klaviyo credentials
Log in with Klaviyo
Use your Klaviyo credentials
Log in with KlaviyoEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.