Two comments for anyone with the same issue:
- The first issue that needed to be fixed was to set up header forwarding as described in the FAQ link mentioned above.
- After that was resolved, I discovered that NGINX requires one additional tweak to work with Auth0: You must increase the proxy buffer sizes from default because of the large amount of header info that Auth0 uses. Details here: Got “502 Bad Gateway” on login callback when using NGINX reverse proxy - Auth0 Community)