Auth0 is silently appending "access_token=..." to my url, and then throwing it out for a URL callback mismatch?

My site, https://newsbrute.com, uses angular 1. Auth0 login works in many cases, usually after jumping around on my site a bit first. However, on a fresh page load, if I login, it will take me back to the same page (or homepage) without logging in. If I attempt it again from the same page, I will get this error message:

Callback URL mismatch. https://newsbrute.com/access_token=550kG8GsCeipmc_u-gkSI0wdGHbKbzfs&id_token=&expires_in=86400&token_type=Bearer is not in the list of allowed callback URLs:…"

Seems like if it wanted to append access_token, it should be as a query parameter, not a page, right? On the other hand, it might be more of an issue of why the first login silently fails and reloads the page (or redirects to the default callback page), but I don’t know if that’s the root cause.

This will decide whether or not I can use auth0 for my site, and I have tried everything I can think of. It’s driving me crazy; I hope someone can help.

As it has been more than a few months since this topic was opened, and there has been no reply or further information provided as to the existence of the issue, we are closing this topic. Please don’t hesitate to create a new topic if this issue is still present, we would be happy to work with you to help find a resolution.