Troubleshooting Authentication
If you encounter errors or issues while authenticating with WHMCS, see the sections below to start troubleshooting and resolve the issue.
- For general steps to troubleshoot problems in WHMCS, see Start Troubleshooting.
- For more information about authenticating, see Authentication.
Authenticating with WHMCS
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
WHMCS is running behind a CloudFlare proxy, but you have not configured proxy settings. This may cause login sessions to end prematurely. Click here to automatically reconfigure your CloudFlare proxy settings. (WHMCS 8.11 and later) or WHMCS may be operating behind a proxy or CDN, but you have not configured trusted proxy settings using CloudFlare IP addresses. This may cause login sessions to end prematurely. Apply settings now to correct this issue. (WHMCS 8.10 and earlier) | There is a problem with your CloudFlare® trusted proxies configuration. | CloudFlare Proxy Check Errors |
| Admins or users report that the system frequently logged them out. | You have misconfigured PHP, a proxy, or CDN on the server that hosts WHMCS, there is insufficient disk space, or there is a problem with the visitor’s IP address. | Frequent Logouts |
Your license key is invalid | You performed a required license check from a non-web context. | Invalid License API Errors |
License Invalid | You entered an invalid license key or moved the WHMCS installation without updating the license. | Invalid License Errors |
Login Details Incorrect. Please try again. | The URL that you are using to log in does not match the WHMCS System URL setting. | Login Details Errors |
The system redirects you back to the login page without an error, or you see an Invalid csrf protection token error. | There is a problem with PHP sessions on your server. | Login Redirect Loops |
No Connection | There is a problem preventing your server from communicating with the WHMCS licensing server. | No Connection Errors |
Oops! Access Denied - Forbidden | There is a problem with your administrator role or, if an admin is logging in as a client, there is a problem with the client’s password. | Oops! Access Denied Errors |
| The system is not removing sessions from the location in your session configuration. | There is a problem in your PHP configuration. | Sessions Are Not Removed |
Facebook® Sign-In Integrations
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
App Note Setup: This app is still in development mode, and you don't have access to it. Switch to a registered test user or ask an app admin for permissions. | Your Facebook® app is in Development Mode. | Facebook App Not Setup Errors |
Can't Load URL: The domain of this URL isn't included in the app's domains. | Your Facebook® app URL is invalid. | Facebook URL Errors |
Invalid details not saved. Please verify your details and try again. | Your API credentials or callback URLs are invalid or there is a problem in your Authorized JavaScript Origins configuration. | Invalid Details Errors |
| You are unable to access the Sign-In Integrations settings in the Admin Area. | Your administrator role does not have the required permissions or there is a problem with your Friendly URLs configuration. | Unable to Access Sign-In Integrations |
Google® Sign-In Integrations
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
Remote account linking via Google has failed. Please make sure that the system clock is set properly | There is a problem with your system’s server time. | Google Remote Linking Failures |
Google Sign-In is unavailable at this time. Please try again later or Google Sign-In is unavailable at this time. Please try again later. Error: Not a valid origin for the client: http://example.com has not been whitelisted for client ID xxxxx | Your app configuration in Google® is invalid or Google is accessing WHMCS using the wrong URL. | Google Sign In Unavailable Errors |
Verification for current settings failed validationResponse: {valid:false} | The Authorized JavaScript Origins and Authorized redirect URIs settings are incorrect or the WHMCS System URL setting is using an insecure http:// connection. | Google Verification Failures |
Invalid details not saved. Please verify your details and try again. | Your API credentials or callback URLs are invalid or there is a problem in your Authorized JavaScript Origins configuration. | Invalid Details Errors |
Social login: Error We could not connect to your account | There is a problem in your system theme template. | Social Login Errors |
| You are unable to access the Sign-In Integrations settings in the Admin Area. | Your administrator role does not have the required permissions or there is a problem with your Friendly URLs configuration. | Unable to Access Sign-In Integrations |
Twitter™ Sign-In Integrations
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
Invalid details not saved. Please verify your details and try again. | Your API credentials or callback URLs are invalid or there is a problem in your Authorized JavaScript Origins configuration. | Invalid Details Errors |
Social login: Error We could not connect to your account | There is a problem in your system theme template. | Social Login Errors |
We were unable to connect your account. Please contact your system administrator | There is a misconfiguration in the Twitter™ app’s callback URL or your Twitter account does not have access to Twitter API v1.1. | Twitter Connection Errors |
Link Initiated! Please complete sign in to associate this service with your existing account. You will only have to do this once or Link Initiated! Please complete the registration form below | The client has not linked their Twitter™ account yet. | Twitter Link Initiated Messages |
| You are unable to access the Sign-In Integrations settings in the Admin Area. | Your administrator role does not have the required permissions or there is a problem with your Friendly URLs configuration. | Unable to Access Sign-In Integrations |
Password Resets
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
The reset link you have followed is invalid. Please try again. | The WHMCS System URL does not match the URL that the user used to access the password reset page. | Invalid Reset Link Errors |
| The system is not successfully sending general emails, like client sign-up or order confirmations. | This issue is usually due to a misconfiguration. | Unsent General Emails |
Two-Factor Authentication
You may encounter the following common issues:
| Error or Issue | Cause | Next Steps |
You see errors or experience problems while attempting to use Duo® Security for two-factor authentication. For example: Client Duo® Security Login Failed: invalid_client: Integration type does not support frameless access. | You need to update your Duo Security credentials to use Duo’s Universal Prompt system. | Duo Security Login Failures |
| You experience timezone-related issues in WHMCS or while running WHMCS automation. | There is a timezone misconfiguration or a mismatch between the webserver’s PHP configuration and the cron engine’s PHP configuration. | System Timezone Issues |
Last modified: 2025 April 2