Custom domain + Universal Login + Passwordless Auth + auth0-spa-js

kaylakantola · January 2, 2020, 7:09pm

I’m having a bit of trouble getting Custom domain + Universal Login + Passwordless Auth + auth0-spa-js to play nicely together. There’s a wealth of documentation on each, but it’s hard to find documentation specifically addressing all three working together.

Here are my configurations:

Custom domain
developer-auth.<domain>.com
I have confirmed that when I hit “Test”, I receive “Your domain is configured correctly.”

Passwordless Auth + Universal Login

var lock = new Auth0LockPasswordless(config.clientID, config.auth0Domain, {
      auth: {
        redirectUrl: config.callbackURL,
        responseType: (config.internalOptions || {}).response_type ||
          (config.callbackOnLocationHash ? 'token' : 'code'),
        params: config.internalOptions
      },
      assetsUrl:  config.assetsUrl,
      allowedConnections: ["email"],
      rememberLastLogin: true,
      language: language,
    	languageDictionary: {
      	title: "TRHC Developer Portal"
      },
      theme: {
        logo: config.logo,
        primaryColor:    '#4A7729'
      },
      configurationBaseUrl: config.configurationBaseUrl,
  		overrides: {
          __tenant: config.auth0Tenant,
          __token_issuer: config.auth0Domain,
      },
    	closable: false,
    });
    lock.show();

auth0-spa-js

createAuth0Client({
domain: "developer-auth.<domain>.com"
client_id: "<client id>"
redirect_uri: "http://localhost:3000" // when running locally
audience: "<audience>"
})

My problem right now
Before, when I clicked login, I was redirected to <tenant>.auth0.com/login .
Now, when I click login, I get redirected to developer-auth.<domain>.com/authorize?client_id=<client id>&redirect_uri=... , and I get this error:
invalid_request: The client with id: "<client id>" (developer-auth) was not found

What I think is SUPPOSED to happen is that I’d get redirected to developer-auth.<domain>.com/login , which would make a call to <tenant>.auth0.com/authorize?client_id=<client id>&redirect_uri=... under the hood.

My guess is I probably am missing some little configuration option somewhere, but I’ve been burning way too much time trying to figure it out, and I think I’ve read every doc and support ticket 10x over at this point. Any advice would be very appreciated - thank you!

colin.coutts · January 2, 2020, 11:28pm

Hi @kaylakantola and welcome to the Auth0 Community!

Thanks for reaching out, let me see if I can help. I was just able to spin up a React App that uses the Auth0-SPA-SDK + Universal Login with Passwordless Lock + Custom Domain using an email code to try and have something close to what you’re working with. Were you able to get this flow working when you weren’t using a Custom Domain?

The error you’ve identified invalid request: ... can stem from a few things such as Auth0 not identifying the correct tenant for the custom domain. Was this custom domain previously used by a tenant that was deleted?

The only difference I can see at this point from the code you’ve shared is I didn’t include an audience parameter in my createAuth0Client and haven’t been able to replicate your error as of yet. If you wouldn’t mind sending along a .har in a DM of this interaction then I’d be happy to look at this further.

Best Regards,
Colin