I’m new to Auth0. I’m have a React SPA and I want to add Auth0 for a protected area. I created a Dev tenant and got Social Auth working, via the tutorial, with my own client ID, etc, with Google and Github.
Now I am trying to create a Prod tenant that will use a Custom Domain. First I got the Social providers working with the default tenant domain https://edpike365.us.auth0.com
. Then I tried to migrate GitHub to the verified custom domain auth.edpike365.com.
I used the “Try Connection” in the Auth0 dashboard to avoid any env vars in my actual app not being correct. When I click it, I get an “Ooops, failed login, you may have pressed the back button, etc.” The Auth0 Log details show that there is a redirect_mismatch but does not say the wrong or expected values WHICH WOULD BE VERY HELPFUL. The url is:
https://auth.edpike365.com/login/callback?error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2Fdocs.github.com%2Fapps%2Fmanaging-oauth-apps%2Ftroubleshooting-authorization-request-errors%2F%23redirect-uri-mismatch&state=RNsHi9VOqd0VPm2t9xkw6gxly1k06Tty
The social settings are in the Sign in to GitHub · GitHub > OAuth Apps > My Prod app. The only changes from the version that worked are:
- “Homepage URL” from https://edpike365.us.auth0.com to https://auth.edpike365.com
- “Auth callback URL” from https://edpike365.us.auth0.com/login/callback to https://auth.edpike365.com/login/callback
The Auth0 Application page settings stayed the same:
- Allowed Callback URLs: https://*.edpike365.com/callbacks/auth
On the Github settings page, I “revoked all user tokens” from before the change. Since the change, no logins have succeeded.
I also tried logging in via my website using a virgin user. It took me to the Github auth page, as expected, but then I got the oops message again. I tried again and it went straight to oops like my other dirty users.
In chrome dev tools I cleared all application storage including 3rd party cookies, closed the tab, closed the browser, brought it back up and it still went straight to oops. The Github auth connection shows no user tokens, so I have no idea how its keeping state unless its some sort of device ID. The app is pure client side.
I have the Auth0 tenant advanced settings set to use Non-Persistent Session
BTW but it does not help.
I’ve looked but cannot find docs on how the custom domain
handles redirection to the target auth0 instance in the CName. I’m expecting it to magically redirect to the actual app after authing but the clues seem to be that its redirecting to https://auth.edpike365.com
, which does not exist.
I’m using the Universal Login widget hosted by Auth0, with cosmetic changes using the web GUI.
I’ve wasted 2 days and $25 for custom domain plan. The docs all say “you will have to change some things when you move to custom domains” but dont give clear instructions. The SPA getting started code is good, but the “next level” tutorial it mentioned at the end has not been done apparently.
While I’m waiting for this, I’ll try to change the Google social auth over to the custom domain.
Thanks in Advance!