Final redirect not working - Decap + Auth0 + Github

I am using Decap, and need Github authentication, which I am trying to get through Auth0. Everything is fine until the final redirect of Auth0 back to my application. If I set the redirect_uri to be deliberately incorrect (i.e. not on my Auth0 whitelist), it fails immediately, so I am as sure as I can be that the rediect_uri is set correctly.

So the stages so far are:

  • User clicks the login button on my Decap application
  • Decap redirects to Auth0 to login
  • Auth0 displays a welcome message with a “Continue with Github” link, which the user clicks
  • User is redirected to Github, which allows the user to log in, and then redirects back to Auth0 (at /login/callback with code and state URL parameters
  • Auth0 sees this, and redirects it with a 302 to /authorize/resume?state=… where the state is different from the one Github returned
  • It is this final redirect which fails. It appears in the logs as two consecutive failed logins within 15ms of one another, both with the description “Unable to issue redirect for OAuth 2.0 transaction”. The first has the “User’s Name” field set to my email address, the second has it set to N/A.

Can anyone help with fixing this? Thanks :slight_smile:

Hi @gg81,

Welcome to the Auth0 Community and thanks for posting.

First please make sure that the callback URL is set correctly within your application in Auth0, such as:

https://YOUR-APP-NAME/callback

There could be several reasons as of why you are receiving this error message, but you can take a look at your /authorize request to see if it looks similar to the example mentioned in our documentation about social logins, including the state parameter.

Otherwise if you are using a one of our SDK’s most probably you should include the redirect URI as described here :

authorizationParams: {
        redirect_uri: window.location.origin
      }

You can check our RedirectLoginOptions from our SPA SDK.

It would definitely help having a look over our Redirect Users documentation.

Also a possible fix could also be by gradually implementing one of quickstarts

I hope this helps, and if you have additional concerns feel free to ask.
Thanks,
Remus