Feature: Custom schemes should be valid as Callback URLs.
Description: The URL validation does not allow all characters which are permitted in a custom scheme, it appears to only accept alphanumeric characters.
Use-case: Mobile apps often use custom schemes, and it is essential that an OAuth redirect be able to return to a mobile app to complete sign-in. Custom schemes containing “+”, “-”, or “.” are valid, and should not be prevented from being entered in the Allowed Callback URLs field for an Auth0 app.