Authentication Broken?

Hi - I’ve just checked using the Monzo Developer Portal and now I can’t even create any Clients. On creation, the Clients page is empty. Still got the same 403 error on attempt to visit the URL using my previous client and secret details.

@WilliamRay thanks for replying so quickly - unfortunately no change and I’m still getting the 403 error on the first step of authentication.

Hello :wave:

I’m still waiting for my staff badge, but in the meantime:

@tom493 @eliasben Are you able to load the auth.monzo.com page at all? For example, if you visit https://business.monzo.com/ does the redirect to auth work?

We definitely fixed one of the problems causing this - which was an over-zealous security rule blocking redirect_uri containing localhost - but I’m wondering if there are some other rules triggering (for example, are you using a VPN?)

+1 I’m getting exactly the same error for some days now.

@WilliamRay do we know if this is affecting all users or a subset of them?

@redsteg I noticed that the error only happens if I use 127.0.0.1 as host in the redirect_uri. As soon as I use localhost instead of 127.0.0.1, all works fine as it did before.

@dtgoitia great spot, this fix has worked for me too.
@redsteg 127.0.0.1 redirects fail where localhost succeeds

Oh, nice spot @dtgoitia !
Thanks for the update @tom493 !

I can reproduce this now - I’ll look into what rule is blocking these requests and see if I can tweak it :slight_smile:

Thanks - looks like the redirect_uri must now be https://localhost as others mentioned

Just noticed that the Home Assistant integration is also broken. Last update was approx 11am today.

Thanks everyone, changing from 127.0.0.1 to localhost worked for me as well!

@dtgoitia Thanks for this workaround.
In my case, I was able to get to the login page by replacing 127.0.0.1 with localhost, but when my team in-charge enters the email, it results in “Network error” as shown in the snapshot.

Anyone else facing that kind of issue or any clue on how to resolve this?

Hi @WilliamRay,

127.0.0.1 does not work at all.
The suggested workaround to use localhost only works in the sense that it successfully loads the Monzo login page. However, as soon as our user email is entered, it results in an error “Network error” as shown in the snapshot.

@redsteg @WilliamRay
There are still issues with the auth API, and I think it’s related to the redirect_uri field.

If that URL contains an IP address, such as 10.40.22.101:8000, or 127.0.0.1:8000 we get hit with a Cloudflare 403.

If that URL is a DNS name, you get to the Monzo login screen to enter an email, but no matter what that DNS is (I’ve tried http and https localhost, and I’ve tried a publicly accessible web server I manage on both HTTP and HTTPS), I get “network error”.

Considering this is a public API solely for customer use, I think it’s pretty important that we can use local, non-internet accessible IP addresses and even loopbacks.

My scripts started getting this error at around 7pm 24th Dec 2024 GMT (yesterday). Did anyone here get any resolution in the end?

Did this ever get fixed? I am having the same error.

@cookywook Who at Monzo could help with this?

@redsteg There seems to be tumbleweed on this one for… a lot of months. I, and it seems a lot of others, still have the issue. Can you fix it?

@WilliamRay Are we to understand that the API is now abandoned? Perhaps better to just formally turn it off (even though that would anger a lot of people / break their personal setups), rather than leave it in this half-working state where nothing new can ever be authenticated?

For what it’s worth, I have been able to authenticate successfully in the last few days. I did get the dreaded ‘Network Error’ first time around, but after looking in DevTools, managed to find the actual error, which in my case was due to a mismatch in the callback URIs.

A quick way to test that this still works is to create a new confidential OAuth2 client with a redirect URI of http://localhost:8080/callback, fire up a terminal and run uv run --with monzoh monzoh-auth

After pasting in your client ID and client secret, and then logging in via your browser, you should see “Authentication successful!”.
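The two failure modes reported in this thread (an IP-literal host in redirect_uri drawing a 403, and a callback URI mismatch surfacing as “Network error”) can be checked locally before starting the flow. This is an added example, not code from any poster or from Monzo; the function names are hypothetical, and it assumes the server compares the requested redirect_uri to the registered one as an exact string.

```python
import ipaddress
from urllib.parse import urlsplit


def host_is_ip_literal(host: str) -> bool:
    """True for IPv4/IPv6 literals such as 127.0.0.1, 10.40.22.101 or ::1."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def preflight_redirect_uri(registered: str, requested: str) -> list[str]:
    """Return a list of problems; an empty list means no known issue."""
    try:
        reg, req = urlsplit(registered), urlsplit(requested)
        reg.port, req.port  # accessing .port raises ValueError if malformed
    except ValueError as exc:
        return [f"unparseable URI: {exc}"]
    if req.scheme not in ("http", "https") or not req.hostname:
        return [f"not an absolute http(s) URI: {requested!r}"]

    problems = []
    # Behaviour reported in the thread: IP hosts are rejected, DNS names load.
    if host_is_ip_literal(req.hostname):
        problems.append(f"host {req.hostname} is an IP literal; use a DNS name "
                        "such as localhost")

    # Assumption: exact string match against the registered callback URI.
    if requested != registered:
        diffs = []
        for field in ("scheme", "hostname", "port", "path", "query"):
            a, b = getattr(reg, field), getattr(req, field)
            if a != b:
                diffs.append(f"{field} mismatch: registered {a!r}, requested {b!r}")
        # urlsplit lowercases hostnames, so a case-only change lands here.
        problems += diffs or ["strings differ (letter case or fragment)"]
    return problems


if __name__ == "__main__":
    registered = "http://localhost:8080/callback"  # constructed sample values
    for candidate in ("http://localhost:8080/callback",
                      "http://127.0.0.1:8080/callback",
                      "http://localhost:8080/callback/"):
        print(candidate, "->", preflight_redirect_uri(registered, candidate) or "ok")
```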

Did you ever get the API to work? I can authenticate but when trying to get account balance I get a 403 Forbidden error. This used to work flawlessly for months and then just suddenly stopped.