Callback URL mismatch (suddenly and seemingly inexplicably in localhost)

Was developing an React application (CRA) on localhost without issues (cross-origin authentication via lock was all good, and then at one point I just could log in anymore due to callback URL mismatch according to Auth0, although I hadn’t changed any Auth0 configuration, versions or anything to my knowledge.

"error": {
"message": "Callback URL mismatch. http:/localhost:3000/callback is not in the list of allowed callback URLs",
"oauthError": "Callback URL mismatch. http:/localhost:3000/callback is not in the list of allowed callback URLs. Please go to 'https://manage.auth0.com/#/applications/clientID/settings' and make sure you are sending the same callback url from your application.",
"payload": {
  "message": "Callback URL mismatch. http:/localhost:3000/callback is not in the list of allowed callback URLs",
  "code": "unauthorized_client",
  "status": 403,
  "name": "CallbackMismatchError",
  "authorized": [
    "https://localhost:3000/callback",
    "http://localhost:3000/callback"
  ],
  "attempt": "http:/localhost:3000/callback",
  "client": {
    "clientID": "clientID"
  },
  "log_url": "https://manage.auth0.com/#/logs/"
},
"type": "callback-url-mismatch"

}

Anyone have a clue as to what might be going on?

From the information you provided the application attempted to send http:/localhost:3000/callback, but the allowed URL’s are https://localhost:3000/callback and http://localhost:3000/callback which differ in the number of forward slashes.

1 Like

Gah, I guess that’s what you get after a long day… Thanks for the extra set of eyes!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.