Bare IP address for callback url: is it accepted?

Please fill out the following to the best of your ability. Doing so will help out the troubleshooting process

  • What are you trying to achieve? What is the use case or idea behind it?

  • If this is caused by an SDK please mention the SDK along with the specific version number.

  • Is this easily reproducible? If not, please explain.

  • If this is related to Lock / any SDK please share the SDK as well as lock initialization code or any code that is relevant.

  • If this is an issue with an API please mention the endpoint you are trying to hit. Relevant code, and or a network trace, is really helpful when debugging such issues.

  • Environment-specific information (Which OS, Language Runtime + Version, Browser etc).

I recently added Auth0 to my app.

I was able to login/logout in local environment. (callback url was localhost:3000/callback)

And I deployed my app on aws ec2 and I added elastic IP address as “Allowed Callback URLs” list.

Then the app just emits “cannot get /callback” message only.

Actually, I fixed this problem by adding a domain to my site.

I worked fine after that.

So I was wodering if it’s not possible to add bare IP address as web origin or callback urls.

I’m not sure whether I should call this behavior as a bug or not.

I just wanted to share my experience with community and someone experiencing this kind of problem, thanks.

:wave: @leejh3224

Did you try specifying the protocol when providing the IP address as the callback url? A bare ip address will not work as we do not allow protocol-less urls as valid callback for security reasons.

Hope that clarifies your question!

1 Like

First, thanks for your answer.

I solved it by connecting domain name for my site.

However, I wish I knew it earlier before deploying my app to server.

Auth0 is great platform but I think it needs more documentation for these kind of problems.