AWS load balancer is terminating SSL/TLS (HTTPS) connections and forwarding traffic to .NET Core web servers over HTTP.
However, .NET Core application expects requests from Auth0 to be received over HTTPS, causing the authentication process to fail.
Replace redirect_uri from http to https-- link for reference
Error:
unauthorized_client : Callback URL mismatch. http://www.login.collabaudit.com/callback is not in the list of allowed callback URLs
.net MVC code
startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddAuth0WebAppAuthentication(options =>
{
options.Domain = Configuration[“Auth0:Domain”];
options.ClientId = Configuration[“Auth0:ClientId”];
options.LoginParameters = new Dictionary<string, string>() {
{ “screen_hint”, “login” }
};
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler(“/Home/Error”);
app.UseHsts();
}
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseSession();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: “default”,
pattern: “{controller=Account}/{action=login}/{id?}”);
});
AppContext_Context.Configure(app.ApplicationServices.GetRequiredService());
AppConfigurationContext.Configure(app.ApplicationServices.GetRequiredService());
}
AccountController.cs
public IActionResult Login(string returnUrl = “/”)
{
if (HttpContext.User.Identity.IsAuthenticated)
{
return RedirectToAction(“View”, “Home”);
}
else
{
//return Challenge(new AuthenticationProperties { RedirectUri = returnUrl }, “Auth0”);
var authProperties = new AuthenticationProperties
{
RedirectUri = returnUrl.StartsWith(“http://”) ? returnUrl.Replace(“http://”, “https://”) : returnUrl
};
return Challenge(authProperties, “Auth0”);
}
}
Please help and share changes to get redirect_uri from http to https