Auth0 Home Blog Docs

Callback URL overwritten in Ionic App



I am writing an Ionic App, which will also be served as a web app from the same code. So in this aspect I am using the Auth0-Lock with different callbacks based on the source (Apps or Web), in one case I use a standard URL callback and for an APP I use a Cordova style URL : YOUR_PACKAGE_ID://AUTH_DOMAIN/cordova/YOUR_PACKAGE_ID/callback

However, somehow my callback URL is being overwritten when called from an APP with the URL: https://AUTH0_DOMAIN/mobile

Any ideas why?


I believe at one point in time Auth0.js which Lock makes use of was used as the means to support authentication on Cordova-based platforms; this method implied the use of a fixed callback URL with the format you refer to. What is likely happening is that Auth0.js is detecting that is in a Cordova environment and overriding the URL itself.

The above details the source of the issue just so that you know the full picture, however, I would not recommend trying to go against that and/or try to bend Auth0.js to act as you intend in this situation. Although Ionic2 may make it look simple to target both native and web at the same time they are still very different platforms and the recommendation here would be that you use Auth0.js/Lock when on the web platform and auth0-cordova when on the native platform; this may imply a bit more work, but it’s the right thing to do.