Open apertureless opened 2 months ago
Hi there,
thanks for opening. I believe there have been a few reports of this so I will move this to the Auth repo for the team to respond.
Well I could pinpoint my issue here. It has to do, with the undocumented fact, that the redirect_url has to be from the same host / site ? https://github.com/supabase/auth/blob/master/internal/utilities/request.go#L91
If I change the redirectTo
param in my example to http://127.0.0.1/confirm
it works.
However, I am not sure how I feel about this, because in my case I will run the auth.admin.generateLink
in an edge function which will be triggered from app-a
and should generate a magic-link and redirect to app-b
but this does not seem to be possible, right?
@apertureless have you verified that you've add the redirect url to the allow list: https://supabase.com/docs/guides/auth/redirect-urls?
I've added localhost and 127.0.0.1 to the config
Bug report
Describe the bug
I am using
auth.admin.generateLink
with typemagiclink
in an edge function and passing theredirectTo
param. However the generated link does not respect the providedredirectTo
param and returns the site url.To Reproduce
After triggering the edge function locally this is the response:
Expected behavior
redirect_to
should be set to the param provided (http://localhost:3000/confirm
) instead ofhttp://127.0.0.1:3000/auth/login