tl;dr;
I can’t make to work an application in vercel where I use subdomain for multi tenant. Is there an example app where this is done? It’s correct to pass the Auth0 api routes (/api/auth0/login, etc.) through edge middleware?
I have a multi tenant application and I use edge middleware to support it via subdomains, this is the middleware relevant code:
//middleware.js
...
const account =
process.env.NODE_ENV === "production" && process.env.VERCEL === "1"
? hostname.split('.')[0]
: hostname.replace(`.localhost:3000`, "");
if (req.nextUrl.pathname.startsWith('/api')) {
return NextResponse.rewrite(
new URL(`/api/${account}${req.nextUrl.pathname.replace('/api', '')}`, req.url)
);
}
...
I’m using a custom auth0 handler to set a valid baseURL because a fixed one as env variable displays a different error (invalid_grant) :
const baseURL = `${process.env.NODE_ENV === "development"
|| (req.headers.host?.indexOf('localhost') || -1) >= 0 ? "http" : "https"}://${req.headers.host
}`
return initAuth0({
baseURL,
secret: process.env.AUTH0_SECRET,
issuerBaseURL: process.env.AUTH0_ISSUER_BASE_URL,
clientID: process.env.AUTH0_CLIENT_ID,
clientSecret: process.env.AUTH0_CLIENT_SECRET
});
in my local the login process works fine, but when I deploy to vercel I get an error in this route: http://org.example.com/api/auth/callback it says:
CallbackHandlerError: Callback handler failed. CAUSE: Missing state parameter in Authorization Response.
but both, code an state parameters are present in the url, I can’t help but thinking that something about the middleware is causing the error