Hey , I have added Auth0 to my MVC app, it works perfectly in DEVELOPMENT but on PRODUCTION(DigitalOcean) it gives me that I got a Callback URL mismatch:
Log:
{
“date”: “2023-01-31T13:18:48.936Z”,
“type”: “f”,
“description”: “Callback URL mismatch. Give yourself a better website » MY DOMAIN is not in the list of allowed callback URLs”,
“connection_id”: “”,
“ip”: “2800:810:5a8:80c2:f000:aac2:2f68:4aeb”,
“user_agent”: “Chrome 109.0.0 / Windows 10.0.0”,
“details”: {
“body”: {},
“qs”: {
“client_id”: “vHcUKPl8hr4AbiAAEEP8jUhP3IZQaPQQ”,
“redirect_uri”: “Give yourself a better website » MY DOMAIN”,
“response_type”: “id_token”,
“scope”: “openid profile”,
“response_mode”: “form_post”,
“nonce”: “638107679286067585.OGZlNTI2OWQtNDlmMi00M2JjLWFhMTYtY2I0M2E5NTMyZjY1NTIxZTQ0NTUtMzU2ZS00MTYwLWJlNmQtOWU2ODMxYzUzY2E4”,
“auth0Client”: “eyJuYW1lIjoiYXNwbmV0Y29yZS1hdXRoZW50aWNhdGlvbiIsInZlcnNpb24iOiIxLjEuMCJ9”,
“state”: “CfDJ8HoRyNfl4AROnvm-SSYUBOAswwYmKypXEYaTkYtEzR9YRjFGsgATtG8ufYgKnz-5XdEtzSv3wzWwbAUCx08JUuxZJSX5gdTWSDG5dkAKJbE13DzFl9UWXcM0BpAz9EI2F8CnZ-wA0MUiQ2gZR_jT6irnzAyQDwQAw5SSIXbiekcWD6z0DU40tMkJEknSuWif89-CPniUu8QINMlJEYOotBwc-0DcMq6hGM7LE2sYIDtsvhexpFpVcOepSm8aaqy_OJXBINj4kah95ZvFi8Jh_Wf4m3m5XU4NOE0-k69OrZ9bN5rV7Jt6h_Q5K718iW1nsw”,
“x-client-SKU”: “ID_NET6_0”,
“x-client-ver”: “6.25.1.0”
},
“error”: {
“message”: “Callback URL mismatch. Give yourself a better website » MY DOMAIN is not in the list of allowed callback URLs”,
“oauthError”: “Callback URL mismatch. Give yourself a better website » MY DOMAIN is not in the list of allowed callback URLs. Please go to ‘https://manage.auth0.com/#/applications/vHcUKPl8hr4AbiAAEEP8jUhP3IZQaPQQ/settings’ and make sure you are sending the same callback url from your application.”,
“payload”: {
“message”: “Callback URL mismatch. Give yourself a better website » MY DOMAIN is not in the list of allowed callback URLs”,
“code”: “unauthorized_client”,
“status”: 403,
“name”: “CallbackMismatchError”,
“authorized”: [
“Give yourself a better website » MY DOMAIN”
],
“attempt”: “http://my-domain/callback”,
“client”: {
“clientID”: “vHcUKPl8hr4AbiAAEEP8jUhP3IZQaPQQ”
},
“log_url”: “https://manage.auth0.com/#/logs/”
},
“type”: “callback-url-mismatch”
},
“session_id”: “gl9C4ZCBlTQNbYASgKew0mKPR6vmUwVh”
},
“hostname”: “dev-ggxof8bd75l4qzbi.us.auth0.com”,
“auth0_client”: {
“name”: “aspnetcore-authentication”,
“version”: “1.1.0”
},
“log_id”: “90020230131131851753889066341659355572805083499088314386”,
“_id”: “90020230131131851753889066341659355572805083499088314386”,
“isMobile”: false,
“id”: “90020230131131851753889066341659355572805083499088314386”
}
Auth0 config:
Program.cs:
using Auth0.AspNetCore.Authentication;
using Microsoft.Data.Sqlite;
using Microsoft.EntityFrameworkCore;
var builder = WebApplication.CreateBuilder(args);
if (Environment.GetEnvironmentVariable(“ENVIRONMENT”) == “DEVELOPMENT”)
{
var inMemorySqlite = new SqliteConnection(“Data Source=Shareable;Mode=Memory;Cache=Shared”);
builder.Services.AddDbContext(
options => options.UseSqlite(inMemorySqlite).LogTo(Console.WriteLine, LogLevel.Information)
);
builder.Services.AddScoped<DbContext, FeatureFlagContext>();
}
else
{
var postgreSqlConnectionString = Environment.GetEnvironmentVariable(
“RELATIONAL_DATABASE_CONNECTION_STRING”
);
builder.Services.AddDbContext(
options => options.UseNpgsql(postgreSqlConnectionString)
);
builder.Services.AddScoped<DbContext, FeatureFlagContext>();
}
// Add services to the container.
builder.Services.AddControllersWithViews();
builder.Services.AddAuth0WebAppAuthentication(options =>
{
options.Domain = Environment.GetEnvironmentVariable(“AUTH0_DOMAIN”);
options.ClientId = Environment.GetEnvironmentVariable(“AUTH0_CLIENT_ID”);
});
var app = builder.Build();
// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
app.UseExceptionHandler(“/Home/Error”);
// The default HSTS value is 30 days. You may want to change this for production scenarios, see Enforce HTTPS in ASP.NET Core | Microsoft Learn.
app.UseHsts();
}
using (var scope = app.Services.CreateScope())
{
var services = scope.ServiceProvider;
DbContext context;
if (Environment.GetEnvironmentVariable(“ENVIRONMENT”) == “DEVELOPMENT”)
{
context = services.GetRequiredService();
context.Database.Migrate();
}
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllerRoute(name: “default”, pattern: “{controller=Home}/{action=Index}/{id?}”);
app.Run();
public partial class Program { }
Thank you in advance.