Auth0 Home Blog Docs

Callback url uses http instead of https. How do I make it use https?

login

#1

My http scheme when initiating the callback is somehow using http instead of https

I’m getting The URL "http://some_domain/complete/auth0?redirect_state=some_string" is not in the list of allowed callback URLs.

Sure, setting the callback url in setting page to use http works, but I want to know why it’s using http in the first place and if it’s possible for me to use https instead

I’m using Django 2.0.4 and my setting looks like

LOGIN_URL = "/login/auth0"
LOGIN_REDIRECT_URL = "/some/url"

AUTH_AUTH0_DOMAIN=some_auth0_name.auth0.com

I don’t think anything else would affect the url. Is there a way for auth0 to call https instead of http?


#2

How is your Django app connecting to Auth0?

John


#3

Is the default website http or is it https? I could see that being an issue since you aren’t being explicit in your LOGIN_URL and LOGIN_REDIRECT_URL.


#4

I’ve figured out. I’m using Social Auth and need to have

SESSION_COOKIE_SECURE = True
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True

to be set for everything to process through https