The problem identified in Application Login URI field payload validation error for https://localhost:3000/authorize still hasn’t been fixed, and it’s making it difficult to test in development.
The workaround of using https://127.0.0.1/… doesn’t quite work because the dev server is expecting http, not https.
Is there some reason the engineers can enable non-https localhost for Allowed Callback URLs and Allowed Web Origins, but not Application Login URI?
Hi @sdtf,
As stated in this doc:
The
login_urlshould point to a route in the application that ends up redirecting to Auth0’s/authorizeendpoint, e.g.https://mycompany.org/login. Note that it requireshttpsand it cannot point tolocalhost.
I don’t have a specific answer as to why it is required in this field versus the others you mentioned, but they address it specifically which suggests having a secure origin is important in this instance.
I would suggest formally making a feature request about this via our feedback page, this way the product team hears from you and can contact you with any questions.
Thanks,
Dan
Thanks for your reply. I submitted the feedback.
We really appreciate it! Thanks.
Let us know if you have any other questions!
Dan
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.