I have read that http: is not supported, which doesnt seem right to me, but I am guessing I need another workflow. Curently I am:
- Loading static html/JS site.
- App runs createAuth0Client() <- Failure happens here
- User logs in using auth0.loginWithPopup()
- User gets a JWT token using auth0.getTokenSilently()
- User makes call to registered API using the JWT token
This seems like it should be supported. I dont want to require https for the SPA. Is there a different workflow I should use?