Over the last 2 days an increasing number of users are reporting getting access denied (403) responses after entering their email when trying to sign in via http://auth.tesla.com/oauth2/v3/authorize

Context: on a mobile safari web browser (so javascript & captcha issues mentioned in other places/issues not relevant), user-agent: Mozilla

Common response:

Access Denied
You don't have permission to access "http://auth. tesla.com/oauth2/v3/authorize?" on this server.
Reference #18.401. . . 

I cannot reproduce this issue myself under the same parameters and most users are not experiencing this under the same parameters. It would seem as though these users might be randomly blocked?

Rate-limiting doesn't seem to be a factor as most affected users got 403 on first try.

All are able to sign in to tesla.com. Some have corrected the issue via switching connections (eg: WiFi -> Cellular). Some have been able to obtain tokens on their own using the same connection.

Unfortunately this is completely unexplained at the moment.

Additionally it appears the Tesla app is using a new GET param: is_in_app=true and uses a new value for scope: openid email offline_access phone