I’m integrating Auth0 with a Google Apps Script web app (front-end only, no backend).
Even though my script calls /authorize with:
response_type=token id_token
response_mode=fragment
Auth0 keeps forcing:
response_type=code
response_mode=form_post
which causes “Callback URL mismatch.”
My deployed URL:
I suspect this happens because my Auth0 app is currently set as a “Regular Web Application,” but Google Apps Script is actually a Single Page Application (SPA).
Can someone confirm if changing the app type to “Single Page Application” (SPA) or enabling implicit flow is the correct fix?
Thank you!