Issue with Cross-Domain Authentication Between Azure-hosted Sites and Auth0


We have two domains as follows:

We have deployed an app service on Azure for testing, and we own the following domains:
(These domains have names similar to actual domains, but the domains below do not actually exist)


Both A and B domains contain frontend source code using Auth0 and Next.js. For testing purposes, the source code for both sites is currently in the same state. When there is no session, accessing either the A or B domain leads to Auth0’s login page, and users are required to log in.

What we desire is a structure where, upon successful login on Site A, the user is redirected to Site B with a valid session applied, allowing them to use the service seamlessly.

The frontend source code we have written is as follows:

import { NextApiRequest, NextApiResponse } from "next";
import { handleAuth, handleLogin, handleCallback } from "@auth0/nextjs-auth0";

export const GET = handleAuth({
  async login(req: NextApiRequest, res: NextApiResponse) {
    return await handleLogin(req, res);
  async callback(req: NextApiRequest, res: NextApiResponse) {
    try {
      return await handleCallback(req, res, {
        redirectUri: ``,
    } catch (error) {

Additionally, we have configured Auth0 on the application side as follows:

- Application URIs
Application Login URI:
Allowed Callback URLs: https://*
Allowed Web Origins: https://*

- Cross-Origin Authentication
Allow Cross-Origin Authentication: ON
Allowed Origins(CORS): https://*

Based on the above situation, when we log in on Site A, we encounter an error in the callback function, and the following error log is generated:

CallbackHandlerError: Callback handler failed. CAUSE: unauthorized_client (The redirect URI is wrong. You sent, and we expected
at /home/site/wwwroot/.next/server/chunks/877.js:2225:19
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async callback (/home/site/wwwroot/.next/server/app/api/auth/[auth0]/route.js:132:20)
at async /home/site/wwwroot/.next/server/chunks/877.js:2053:24
at async /home/site/wwwroot/.next/server/chunks/632.js:5632:37 {
  cause: IdentityProviderError: unauthorized_client (The redirect URI is wrong. You sent, and we expected
      at NodeClient.callback (/home/site/wwwroot/.next/server/chunks/877.js:170:23)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async /home/site/wwwroot/.next/server/chunks/877.js:550:29
      at async /home/site/wwwroot/.next/server/chunks/877.js:2222:13
      at async callback (/home/site/wwwroot/.next/server/app/api/auth/[auth0]/route.js:132:20)
      at async /home/site/wwwroot/.next/server/chunks/877.js:2053:24
      at async /home/site/wwwroot/.next/server/chunks/632.js:5632:37 {
    error: 'unauthorized_client',
    errorDescription: 'The redirect URI is wrong. You sent, and we expected',
    status: 400,
    statusCode: 400,
    openIdState: {
      returnTo: ''
  status: 400
- error TypeError: Cannot read properties of undefined (reading 'headers')

Could you please advise us on what we might have done wrong? We will provide any additional information if needed.

Thank you.

1 Like