Auth0 Home Blog Docs

Can't authorize if using a proxy

authorize
proxy

#1

When I try to login to the application using proxies, auth0 widget doesn’t fetch accounts.

`
auth0Config = {
clientId: …
clientID: …
domain: …
callbackURL: location.href,
packageIdentifier: …
};

let options = {
scope: 'openid profile ',
connection: ‘google-oauth2’
};

new Auth0Cordova(this.auth0Config).authorize(options, (error, authResult) => {....})

img_20171108_140825

Without proxies, all works fine and I can log in.


#2

The authentication flow requires HTTPS requests to the Auth0 service. If you put a proxy in the middle then the HTTPS connection would need to be intercepted and a different certificate used for encryption of the data from the client to the proxy (as the proxy would not have access to the certificate used by the destination server). This could technically work if the device is setup to trust the generated certificate from the proxy, however, you basically now would have a man-in-the-middle system able to see all traffic from the client to the final server which is a terrible idea in general.

In conclusion, if you do not understand all the implications around doing something like this it’s probably better for you to just don’t do it.


#3

I don’t need a proxy. I suppose that App Store used a proxy when they were reviewing my application and they couldn’t log in.


#4

My application already in App Store. But when I was trying update they reject the application because couldn’t log in.


#5

That’s a slightly different situation so I would advise you to either update the question with the (exact wording) information Apple provided you about the rejection or just open a new question with that data. It’s not worth it to be discussing the proxy situation if the main issue is Apple rejecting it as the two situations may prove to be disconnected.


#6