Custom domain with auth0.js getting error "You should not be hitting this endpoint"

intergalena · January 10, 2019, 10:06pm

Hello,

I’m currently instantiating Auth0 with my custom domain using auth0.js in a custom login with on my website.

Setup:

var customDomainAuth0 = new auth0.WebAuth({
    domain: customDomain,
    configurationBaseUrl: 'https://cdn.auth0.com',
    clientID: clientId,
    redirectUri: callbackUrl,
    responseType: 'token'
});

I then issue an authorize when user presses a button and encounter the error “You should not be hitting this endpoint. Make sure to use the code snippets in the tutorial or contact support@auth0.com for help”

customDomainAuth0.authorize({
    connection: enterpriseConnection,
    scope: 'openid',
    responseType: 'code',
    redirectUri: callbackUrl
});

All of this code works fine using the Auth0 issued tenant domain (tenant.auth0.com), and I’m not quite sure what I’m missing here. I read that custom domains was supported if you use the /authorize endpoint, so assumed that it would work with my configuration.

Any help would be much appreciated.

Cheers,
Alena

thameera · January 11, 2019, 8:43am

This error can appear if you haven’t done the additional configuration required in the hosted login page?

intergalena · January 13, 2019, 9:19pm

It says it’s for the hosted login page though. I’m using a custom login, do they still apply to here? Also, what values would I use? I understand that the config.auth0Tenant probably means my tenant name. But what about the config.authorizationServer.issuer?

thameera · January 14, 2019, 2:30am

The only value you need to manually specify there is your custom domain - all other values are derived from the variables. Here’s an example:

      configurationBaseUrl: config.clientConfigurationBaseUrl,
      overrides: {
        __tenant: config.auth0Tenant,
        __token_issuer: 'SET_CUSTOM_DOMAIN_HERE'
      },

You should only change the SET_CUSTOM_DOMAIN_HERE value to something like auth.example.com.

By the way, if you are using the Auth0.js code snippet you posted in a custom login page (not hosted login), you need not specify the configurationBaseUrl parameter.

If this doesn’t help, can you capture an HTTP trace during the error and DM that to me?

intergalena · January 14, 2019, 8:22pm

Hi Thameera, I’m sorry but I don’t think I quite understand. You said that I only need to set the 'SET_CUSTOM_DOMAIN_HERE, but I’m pretty sure that I’m meant to set the tenant as well to my tenant name? Either way, I’ve tried setting the overrides value and am still getting the error. I’ve DMed you my HTTP Trace.

thameera · January 15, 2019, 3:01am

The tenant is automatically deduced at runtime - it’s populated in the config object. So you don’t need to set them there.
Based on the HAR file it looks like you don’t have this snippet in the Lock config in the hosted login page.

intergalena · February 4, 2019, 9:50pm

Solved the problem, thanks @thameera.

Problem:
I had Hosted Login Page enabled, even though I didn’t require it. However because it was enabled, my calls from app to Auth0 were getting rerouted to the HLP, and therefore I received the errors above. I simply had to turn HLP off to get it working.

konrad.sopala · February 6, 2019, 3:06pm

Glad you made it! Thanks for sharing it at the end with rest of community @intergalena!

system · February 21, 2019, 3:06pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.