Closed alexrussell closed 4 years ago
Okay just found the wildcard subdomains Auth0 docs and it clearly states you can do part-sub domain wildcarding:
A wildcard may be prefixed and/or suffixed with additional valid hostname characters. https://prefix-*-suffix.example.com will work.
And that's it's available in:
Unfortunately not allowed in web origins so we still need the build plugin for that. But this severely reduces the necessary scope of this plugin, which is good as we get less cruft in our client configs.
I will edit the docs and the code and remove those. Great suggestion.
Implemented your solution. Thanks
Nice one - sorry for the issue spam in the end. i was just trying to implement this plugin and every "hurdle" I found I added an issue and it got out of hand!! Glad it's done the job of tightening the plugin up though 👍
In the Auth0 client configuration,
allowed_logout_urls
is one area where the developer is allowed to use*
for wildcard matching (including subdomains), so it seems sensible that the dev would set this up and we don't have to add each individual domain here.That is, unless the
*
is only for entire subdomain parts of a larger full domain, and not part-matching like I assume. The description isn't super clear here, saying:It gives the example of a full subdomain (whereas for Netlify deploy previews, we'd obviously want a part-sub domain). I haven't yet tested it out to say for certain one way or the other, but you may know.