"You are using a callback URL with a wildcard error" after updating from auth0 react v1 to v2

Get Help
,
1

Hey guys, so I updated my auth0-react from v1.12 to v2.2.0 and followed the migration guide.
After updating when I’m redirect to the CLU I get the following error, but with the previous version everything worked fine.

Screenshot from 2023-08-09 13-24-05
Screenshot from 2023-08-09 13-24-051462×939 57.7 KB

This is my code before updating:

provider code

<Auth0Provider
      domain={process.env.NEXT_PUBLIC_AUTH0_DOMAIN }
      clientId={process.env.NEXT_PUBLIC_AUTH0_CLIENT_ID}
      redirectUri={typeof window !== 'undefined' ? window.location.origin : undefined}
      onRedirectCallback={onRedirectCallback}
      audience='https://app.estudojo.com.br'
      cacheLocation='localstorage'
    >

login redirect

  await auth.loginWithRedirect({
        appState: {
          returnTo: window.location.pathname
        }
      })

This is my code after updating:

provider code

         domain={process.env.NEXT_PUBLIC_AUTH0_DOMAIN }
      clientId={process.env.NEXT_PUBLIC_AUTH0_CLIENT_ID}
      authorizationParams={{
        audience: 'https://app.estudojo.com.br',
        redirect_url: 'https://teste.estudojo.com.br:3001'
      }}
      onRedirectCallback={onRedirectCallback}
      cacheLocation='localstorage'
      useRefreshTokens={true}
    >

login redirect

   await auth.loginWithRedirect({
        appState: {
          returnTo: window.location.pathname
        }
      })

Those are my allowed callbacks URLs:>

https://*.estudojo.com.br, https://*.estudojo.com.br:3001, https://teste.estudojo.com.br:3001

When comparing both functional and broke CLU url, I found out that the v1 scope is “openid profile email” and v2 is “openid profile email offline_access

3

Hi @gabriel.cunha,

Welcome to the Auth0 Community!

If you remove the wildcards from the callback URL, does that resolve the error?