I’m playing with integration of Auth0 into an existing Angular9 application. I’ve read and followed two different approaches:
and
I’m also using a custom Database where existing users are located.
In both scenarios I’m able to call loginWithRedirect, login with the user and reach the callback url. However, on the callback URL the code automatically calls auth0 address/oauth/token in the following sequence:
- /authorize?cliend_id… (302 result → to my callback URL with code= parameter)
- /oauth/token (OPTIONS - 200 response)
- /ouath/token (POST - 401 error)
The POST method which is failing has been sent the following values:
- client_id: “–My client ID–”
- code: “–generated by Auth0–”
- code_verifier: “–generated by Auth0–”
- grant_type: “authorization_code”
- redirect_uri: “–the same callback URI we are currently on–”
Additional request headers:
:authority: --my auth0 domain–
:method: POST
:path: /oauth/token
:scheme: https
accept: /
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cache-control: no-cache
content-length: 223
content-type: application/json
origin:my localhost
pragma: no-cache
referer: my localhost
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.80 Safari/537.36
Anyone have an idea on where the misconfiguration is located?