GET 401 Unauthorized /callback Heroku issue


I’m working on a React+Express app (using create-react-app) that uses Auth0 authentication. I followed the Auth0 tutorials (e.g. here) to get my app successfully authenticating and logging / signing up users locally.

However, when I deployed my app to Heroku, I get a 401 Unauthorized error after using the Lock widget. I believe my auth’s handleAuthentication is not working properly on Heroku, because I added a print statement right after I call handleAuthentication (before rendering the Callback component) and I don’t see it printing. I also do not see access_token, id_token, and expires_at being added to localStorage as is done when running locally.

I’m wondering how to resolve Heroku Auth0 issues. I’ve seen a similar post, but no solutions that worked for me. Also, in my app settings, I have added the Heroku URL in Allowed Origins (CORS) and Allowed Callback URLs. Do I need to add the Heroku URL to Allowed Web Origins?

Thank you!

Hi @benjaminwhitlockwill,

I apologize for the delayed response on this question. I would like to reopen the topic for discussion and provide some assistance if possible.

The allowed web origins may be the issue. Also make sure to take a look at where to store tokens, as local storage is not a great place to do that.

Let me know if that helps,

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.