Hi Everyone,
we have stage environments for every pull request and as per that we use a wildcard in Allowed Callback URLs
and Allowed Web Origins
(https://*.stage.example.com). When you enter the first time all seems fine - you are redirected to Auth0 Hosted pages where you login and are redirected back to our app. But when you refresh the page or change subdomain (eg go from https://test1.stage.example.com to https://test2.stage.example.com) request to https://ourAuth0CustomDomain/authorize fails with error 400 saying The specified redirect_uri "https://test1.stage.example.com"; does not have a registered origin.
. As far as I can tell it somehow related to cookie auth0.is.authenticated
(value: true, domain: https://test1.stage.example.com, SameSite: empty value). If I delete this cookie and refresh the page, it will hit Auth0 and get new code and successfully login to the up, but, refreshing the page will create this issue again.
We are using “@auth0/auth0-spa-js”: “^1.6.4”, everything is basically configured as per official start guide for angular, both auth0 hosted pages and stage subdomain are under the same master domain.
I will be grateful for any tips.
Many thanks,
Gwidon