Hello,
I am trying to create a login app for multiple applications. Here’s the scenario:
- User goes to a protected page within app https://app1.domain.com
- Auth0 detects user is unauthenticated and redirects to https://auth.domain.com
- User is successfully authenticated and redirected back to https://app1.domain.com
- User clicks on https://app2.domain.com, browser redirects user. Since user is already authenticated, user lands on protected page
What was done:
- Created 3 applications in Auth0
- All apps (auth, app1 & app2) point to the same callback url (https://auth.domain.com/api/auth/callback)
Results:
When user lands on protected page in https://app1.domain.com, user is redirected to error page with the following error message:
unauthorized_client : Callback URL mismatch. https://tapp1.domain.com/api/auth/callback is not in the list of allowed callback URLs
Do I have this setup/configured correctly?
Thanks,
IJ
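
The error quoted in the post is what an authorization server returns when the `redirect_uri` an application sends is not on that application's registered list. The following is an added example, not part of the original post and not Auth0's code: a simplified exact-match check, where the client names, the `registry` object and the `perApp` registration are assumptions made for illustration.

```javascript
'use strict';
// Simplified model of redirect_uri validation (constructed data, exact matching only).
const CB = '/api/auth/callback';
const registry = {
  // As described in the post: every application lists only the auth host's callback.
  asPosted: {
    auth: ['https://auth.domain.com' + CB],
    app1: ['https://auth.domain.com' + CB],
    app2: ['https://auth.domain.com' + CB],
  },
  // Assumed alternative: each application lists the callback it actually sends.
  perApp: {
    auth: ['https://auth.domain.com' + CB],
    app1: ['https://app1.domain.com' + CB],
    app2: ['https://app2.domain.com' + CB],
  },
};

// Reduce a URL to the parts that are compared: scheme, host, port, path, query.
function canonical(uri) {
  const u = new URL(uri); // throws on malformed input
  if (u.protocol !== 'https:' || u.hash || u.username || u.password) {
    throw new Error('redirect_uri must be https with no fragment or userinfo');
  }
  return u.origin + u.pathname + u.search;
}

// Decide whether clientId may be sent back to redirectUri.
function authorize(config, clientId, redirectUri) {
  const allowed = config[clientId];
  if (!allowed) return { ok: false, error: 'unauthorized_client' };
  let candidate;
  try { candidate = canonical(redirectUri); } catch (e) {
    return { ok: false, error: 'invalid_request', description: e.message };
  }
  if (allowed.map(canonical).includes(candidate)) return { ok: true };
  return {
    ok: false,
    error: 'unauthorized_client',
    description: `Callback URL mismatch. ${candidate} is not in the list of allowed callback URLs`,
  };
}

// app1 sends its own callback, which the posted configuration does not list.
console.log(authorize(registry.asPosted, 'app1', 'https://app1.domain.com' + CB));
console.log(authorize(registry.perApp, 'app1', 'https://app1.domain.com' + CB));
```

Keeping each application's list limited to the callbacks it really uses means a `redirect_uri` belonging to another application, or one using plain `http`, is still refused.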