Auth0 Emails Contain iInsecure HTTPS Schemes When Using SendGrid

Overview

This article addresses an issue where an error page is displayed stating that a link is insecure. This occurs when a user attempts to access resources with links generated by Auth0 and sent through SendGrid.

Applies To

  • Auth0 Tenants
  • SendGrid Integration
  • Custom Liquid Templates

Cause

This issue is caused by SendGrid’s default behavior. When click tracking is active with a custom-branded domain, the tracking uniform resource locators (URLs) it generates will use http:// unless Secure Sockets Layer (SSL) for Click Tracking is specifically configured.

Solution

To resolve this issue, configure SSL for Click Tracking with a content delivery network (CDN) or proxy. See the following Sendgrid documentation for complete steps on performing this action: Enabling SSL for Click and Open Tracking