Callback URL mismatch. "is not in the list of allowed callback URLs"

Good afternoon!

Please if you could help me.

I created a new application developed in Node.js but when authenticating, I get the following error:

Callback URL mismatch. http://localhost:3000/api/auth/callback is not in the list of allowed callback URLs

{
  "date": "2022-02-23T17:10:54.772Z",
  "type": "f",
  "description": "Callback URL mismatch. http://localhost:3000/api/auth/callback is not in the list of allowed callback URLs",
  "connection_id": "",
  "ip": "186.69.XX.XXX",
  "user_agent": "Chrome 98.0.4758 / Windows 10.0.0",
  "details": {
    "body": {},
    "qs": {
      "client_id": "XXXXXXXXXXXXXXXXXx",
      "scope": "openid profile email user_metadata app_metadata",
      "response_type": "code",
      "redirect_uri": "http://localhost:3000/api/auth/callback",
      "nonce": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
      "state": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx",
      "code_challenge": "kGxMYLQ9Bsoa2bbXXX2bumBqNFNzEnLKAs9gXXMozXX",
      "code_challenge_method": "S256"
    },
    "error": {
      "message": "Callback URL mismatch. http://localhost:3000/api/auth/callback is not in the list of allowed callback URLs",
      "oauthError": "Callback URL mismatch. http://localhost:3000/api/auth/callback is not in the list of allowed callback URLs. Please go to 'https://manage.auth0.com/#/applications/osG0pV2rlZXXXXyXPAZxXXXXXXXXXX/settings' and make sure you are sending the same callback url from your application.",
      "payload": {
        "message": "Callback URL mismatch. http://localhost:3000/api/auth/callback is not in the list of allowed callback URLs",
        "code": "unauthorized_client",
        "status": 403,
        "name": "CallbackMismatchError",
        "authorized": [
          "http://localhost:3000"
        ],
        "attempt": "http://localhost:3000/api/auth/callback",
        "client": {
          "clientID": "XXXXXXXXXXXXXXXX"
        },
        "log_url": "https://manage.auth0.com/#/logs/"
      },
      "type": "callback-url-mismatch"
    },
    "session_id": "vLQxSeKxbC4VOJEXXXXnrJVXXXXXX"
  },
  "hostname": "XXXXXcsu.us.auth0.com",
  "log_id": "90020220223171057240XXX79274349976793359937548845074",
  "_id": "90020220223XXX260605279274349976793359937548845074",
  "isMobile": false
}

In Auth0, I have it configured like this:

and in the file .env.local

AUTH0_SECRET='XXXXXXXXXXXXXXXXXXX'
AUTH0_BASE_URL='http://localhost:3000'
AUTH0_ISSUER_BASE_URL='MYauth0.us.auth0.com'
AUTH0_CLIENT_ID='Client ID Auth0'
AUTH0_CLIENT_SECRET='CLiente Secret Auth0'
AUTH0_SCOPE='openid profile email user_metadata app_metadata'
NEXT_PUBLIC_AUTH0_USER_ROLE_URI='http://localhost:3000/role'
NEXT_PUBLIC_AUTH0_USER_METADATA_URI='http://localhost:3000/user_metadata'
NEXT_PUBLIC_AUTH0_APP_METADATA_URI='http://localhost:3000/app_metadata'

I don’t know what I’m missing. If you could help me I would really appreciate it.

David

Hey there @valldav90 welcome to the community!

You’ll need to make sure you have the exact callback url defined in your application settings - That is, you’ll need to add http://localhost:3000/api/auth/callback here :point_down:

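An added example, not part of the original thread and not Auth0's code: a Node.js check that reads the `authorized` and `attempt` fields from a log event like the one posted above and reports why the login was rejected. The event object is constructed from the posted log, exact string comparison is an assumption that models the behaviour the error describes, and `expectedCallback` and `diagnose` are hypothetical names.

```javascript
// Constructed sample: only the fields of the posted log event that matter here.
const failedEvent = {
  type: "f",
  details: {
    qs: { redirect_uri: "http://localhost:3000/api/auth/callback" },
    error: {
      payload: {
        name: "CallbackMismatchError",
        authorized: ["http://localhost:3000"],
        attempt: "http://localhost:3000/api/auth/callback",
      },
    },
  },
};

// Hypothetical helper: the callback an app sends when it appends the
// /api/auth/callback path (seen in the log's redirect_uri) to AUTH0_BASE_URL.
function expectedCallback(baseUrl, callbackPath = "/api/auth/callback") {
  return new URL(callbackPath, baseUrl).toString();
}

// Hypothetical helper: explain a callback mismatch from a log event.
// Assumption: allowed entries are compared as exact strings, so an entry
// that is only the origin does not cover paths under it. Prefix matching
// would let any path on that origin receive the authorization code.
function diagnose(event) {
  const payload = event?.details?.error?.payload;
  if (!payload || payload.name !== "CallbackMismatchError") return null;

  const attempt = new URL(payload.attempt);
  const exact = payload.authorized.includes(payload.attempt);
  // Entries on the same origin that differ in path: the usual near miss.
  const nearMisses = payload.authorized.filter((entry) => {
    try {
      return entry !== payload.attempt && new URL(entry).origin === attempt.origin;
    } catch {
      return false; // not a parseable URL, ignore it
    }
  });
  return { exact, nearMisses, add: exact ? null : payload.attempt };
}

console.log(diagnose(failedEvent));
console.log(expectedCallback("http://localhost:3000"));
```

For the posted event, `diagnose` reports no exact match, lists `http://localhost:3000` as a same-origin near miss, and names the full callback URL as the entry to add to the allowed list.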