auth0 / omniauth-auth0

OmniAuth strategy to login with Auth0
MIT License
125 stars, 67 forks

Does it support custom domains? #71

Closed leakira closed 5 years ago

leakira commented 5 years ago

Using custom domain with this gem

Description

I'm trying to implement a custom domain, but I only receive the "You should not be hitting this endpoint. Make sure to use the code snippets shown in the tutorial or contact support@auth0.com for help" error alert.

Thank you

Reproduction

My initializers/auth0.rb:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider(
    :auth0,
    ENV['AUTH0_CLIENT_ID'],
    ENV['AUTH0_CLIENT_SECRET'],
    ENV['AUTH0_DOMAIN'],
    authorize_params: {
      scope: 'openid profile offline_access enroll read:authenticators remove:authenticators',
      audience: "https://<tenant>.auth0.com/mfa/",
    },
    # Skips verification of the OAuth state parameter in the callback phase
    provider_ignores_state: true,
  )
end

I changed AUTH0_DOMAIN to the custom domain. I tried setting configuration_base_url too, but that does not solve it.

joshcanhelp commented 5 years ago

@leakira - It's possible that it doesn't support that currently, but it should. Let me take a look here in the next day or so and see if we can easily add that support.

joshcanhelp commented 5 years ago

@leakira - I tagged this issue in the PR above as I thought it would address your issue here but it looks like it's unrelated.

When you get "You should not be hitting this endpoint," what endpoint are you hitting? If you login using a custom domain as your authorize endpoint, then the token and userinfo endpoint should work fine as well. Using an audience for API access shouldn't change anything about that process.

Are you using the same custom domain as the domain for the API? If you're using 'https://' + ENV['AUTH0_DOMAIN'] + '/mfa/' then your domain is now your custom domain, which won't work. You'll need another env variable or hard-code your auth0.com domain as your API base.

leakira commented 5 years ago

Hi @joshcanhelp, I found the problem; it's on my end. It's solved and working now. Thanks for your support.

joshcanhelp commented 5 years ago

Happy to help! Was it what I said above or something else? It would be helpful to have your solution in case someone else runs into the same problem.

leakira commented 5 years ago

The problem was in the hosted page: I had not changed the Universal Login's Auth0Lock settings to work with the custom domain. Initially I thought these settings had to be done in the initializer, but after searching more in the Auth0 dashboard, I found this page and changed it, solving the problem.

hiattp commented 3 years ago

For posterity/anyone else, I ran into a similar problem. I followed the various sample applications and quickstarts, which do lead you down the path of using AUTH0_DOMAIN both as the provider argument for omniauth (which can/should be your custom domain if you have one, if I understand correctly) and as the base for the API via the client, something like:

Auth0::Client.new(
  client_id: ENV.fetch('AUTH0_CLIENT_ID', nil),
  client_secret: ENV.fetch('AUTH0_CLIENT_SECRET', nil),
  domain: ENV.fetch('AUTH0_DOMAIN', nil),
  api_version: 2,
)

This client is used for logouts and creating users or whatever else. Someone using this library is likely to be using the ruby client as well, and the notions of the "API base URL" and explicit audiences are abstracted away, leaving you with mysterious errors like "Service not enabled for ..." or whatever when you attempt a logout after successfully authenticating, or client initialization failures despite using your "perfectly good" custom domain.

The fix isn't explicitly spelled out for those of us less familiar with Auth0, as far as I'm aware. Apparently, as alluded to above, you need to initialize the omniauth provider with your custom domain but your auth0 client with the default/tenant domain. So the third argument above changes to something like ENV.fetch('AUTH0_TENANT_DOMAIN', nil), whereas the argument to the omniauth provider during initialization becomes something like ENV.fetch('AUTH0_CUSTOM_DOMAIN', nil):

provider :auth0,
         ENV.fetch('AUTH0_CLIENT_ID', nil),
         ENV.fetch('AUTH0_CLIENT_SECRET', nil),
         ENV.fetch('AUTH0_CUSTOM_DOMAIN', nil),
         authorize_params: { scope: 'openid email profile' }

vs

Auth0::Client.new(
  client_id: ENV.fetch('AUTH0_CLIENT_ID', nil),
  client_secret: ENV.fetch('AUTH0_CLIENT_SECRET', nil),
  domain: ENV.fetch('AUTH0_TENANT_DOMAIN', nil),
  api_version: 2,
)