Native client on arbitrary machine and port

I am maintaining a classic Windows desktop application and want to replace its custom username + password authentication with OpenID Connect. In the end, I managed to make it work: It starts a micro HTTP service locally, then asks the default system browser to request an OpenID Token to be delivered by redirection to the local HTTP service. So far, so good.

Now the problem is that in production, that classic Windows Desktop application will be deployed on thousands of customer PCs. Each PC has a different host name, and each PC has different free IP ports. So in reality, the person maintaining the Auth0 service account cannot know upfront all allowed host names and possible ports. Or in other words, he would use “http://localhost:*/resume” as a generic allowed redirection URL. Apparently this is not wanted by Auth0.

As adding OpenID Connect to classic Windows Desktop applications is a default case, and as starting a local HTTP service apparently is the default solution, I wonder how others solved that problem with the host names and free ports? What is the official Auth0 advice on this topic?

To amend, I do know the possibility of using a pseudo URL like “native://resume”. The problem with this is that Chrome always asks if the user really wants to open the native app, which I did not find a persistent fix for (so it just asks once). Maybe someone knows how to fix that?

Found the setting in Chrome, BTW: Chrome Enterprise Policy List & Management | Documentation.

It is rather sad to not hear from Auth0 support so far. Would be nice to get an answer. Thanks.