When using the react-auth0-spa.js and the auth0-spa-js, I have to go through an awkward sequence to make my Authorization Code grant work successfully. I’m suspicious it has nothing to do with auth0-spa-js. In short, creating a user works fine, obtaining the “code” works fine. However; when I try to exchange the code for a token via /oauth/token, I’m getting a 401/Unauthorized. I’m not really calling /oauth/token directly of course, I’m using auth0FromHook.handleRedirectCallback().
I can make this work without changing any of my code. But I have to go through a weird sequence of modifying “Application Type” several times. Ideally, I should be able to simply set it to “Single Page Application”; however, I have to go through a longer sequence of settings to arrive back at “Single Page Application”. And before you ask, simply setting to “Native” doesn’t work