I’m trying to set up a custom social connection using the “AzureADv2” custom connection that appears in the “Custom Social Connections” list. Locally, when I make the webAuth.authorize() call, I’m providing a redirect URI, but it is not being honored. No matter what, the redirect_uri of “redirect_uri=https://{my-tenant}.auth0.com/login/callback” is the one provided to Microsoft’s endpoint. Is this intentional (i.e. - can you not override the redirect_uri in custom social connections?).
When using the service to broker authentication between your application and an upstream provider the flow will be something like:
- application talks with Auth0 (in most cases it has no idea of what upstream providers are configured, be it social or otherwise).
- something (usually end-user selection) indicates to Auth0 that this particular request should go to a specific upstream provider (connection).
- Auth0 service talks with the upstream provider.
- Auth0 service transforms the response from the upstream provider and relays it to the application.
In other words, there will be multiple steps to the process and it’s even possible to use different protocols at certain steps. What’s relevant for your situation is that the application is able to specify the callback URL (redirect_uri) at which it wants to receive the final response from Auth0 at step 4 of the process. However, the communications with the upstream provider are all performed by the service itself so it’s the service that dictates the redirect_uri for the response by the upstream provider.
In conclusion, at this time it’s the /login/callback path that is used when Auth0 requires receiving responses from upstream providers. This is not configurable and the benefit of performing the login through Auth0 is that your application only needs to know Auth0 service and not the details of each upstream provider so it’s unexpected for you to need to have control on that URL.
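The two legs described in the answer, as an added example that is not part of the original thread: a small checker that takes an authorization request URL captured from the browser and reports which leg it belongs to and who controls its redirect_uri. The tenant host, client IDs, localhost callback and sample URLs are constructed placeholders, and `describeAuthRequest` is a hypothetical helper name.

```javascript
// Added example (not from the thread). All values below are constructed.
const TENANT_HOST = "my-tenant.auth0.com"; // placeholder tenant
const BROKER_CALLBACK = `https://${TENANT_HOST}/login/callback`;

// Classify one authorization request seen during a brokered login.
function describeAuthRequest(rawUrl) {
  const url = new URL(rawUrl);
  const redirectUri = url.searchParams.get("redirect_uri");
  if (!redirectUri) {
    return { leg: "unknown", redirectUri: null, controlledBy: null, matchesBrokerCallback: false };
  }
  const matchesBrokerCallback = redirectUri === BROKER_CALLBACK;
  if (url.host === TENANT_HOST) {
    // Leg 1: application -> Auth0. The value passed to webAuth.authorize()
    // ends up here and is where Auth0 sends the final response.
    return { leg: "app-to-auth0", redirectUri, controlledBy: "application", matchesBrokerCallback };
  }
  // Leg 2: Auth0 -> upstream provider. Auth0 builds this request itself,
  // so the redirect_uri is its own /login/callback, whatever the app asked for.
  return { leg: "auth0-to-upstream", redirectUri, controlledBy: "auth0", matchesBrokerCallback };
}

// Constructed sample: what the application sends to Auth0.
const appRequest =
  `https://${TENANT_HOST}/authorize?client_id=APP_CLIENT_ID&response_type=code` +
  `&connection=AzureADv2&redirect_uri=${encodeURIComponent("http://localhost:3000/callback")}`;

// Constructed sample: what Auth0 then sends to Microsoft's endpoint.
const upstreamRequest =
  "https://login.microsoftonline.com/common/oauth2/v2.0/authorize" +
  `?client_id=AZURE_CLIENT_ID&response_type=code&redirect_uri=${encodeURIComponent(BROKER_CALLBACK)}`;

for (const sample of [appRequest, upstreamRequest]) {
  const r = describeAuthRequest(sample);
  console.log(`${r.leg}: redirect_uri=${r.redirectUri} (set by ${r.controlledBy})`);
}
```

Seeing `/login/callback` in the request to Microsoft is therefore the expected result for the second leg; the localhost value only ever appears in the first.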