Redirect_uri empty upon receipt in auth0

1. My goal: Set up an Oauth flow with our Auth0 web application
2. Issue: redirect_uri: ""
3. Steps I've taken to troubleshoot: Atempted to manually supply the redirect_uri query parameter in the authorization url.
4. Additional info: (Cloud or Self-hosted, Screenshots)
   Self-hosted
   I have tried with and without the redirect_uri query param. The result is the same
   
   

   image1432×596 45.2 KB

Resulting error in login to Auth0

{
  "body": {},
  "qs": {
    "state": "<redacted>",
    "response_type": "code",
    "access_type": "offline",
    "redirect_uri": "",
    "prompt": "login",
    "client_id": "<redacted>",
    "scope": "openid profile email",
    "audience": "https://monaco.co/auth0-identifier/antalya"
  },
  "error": {
    "message": "The redirect_uri parameter is not valid: \"\" If url looks fine, check that you are not including non printable chars",
    "oauthError": "invalid_request",
    "type": "request-error"
  },
  "session_id": "<redacted>"
}

Was this every fixed, Missing redirect_uri in OAuth2 Google sign-in for custom auth flow - #2 by plwolfe

Hey @John_Tracy - thanks for reaching out. I don't specifically know if the linked issue was resolved, but I have a feeling that the behavior you're seeing is the result of something else entirely. Are you running an on-prem instance? And have you set the BASE_DOMAIN environment variable?

yes I am. and yes I have

Hello?

Hey @John_Tracy - sorry for the delay. I've had a chance to replicate a similar setup on my own instance but am not seeing the same error, at least on version 3.196.0. Which version are you currently running?

Some additional follow-up actions:

• Verify that the BASE_DOMAIN configuration variable has been set by navigating to the /settings/environment path. I don't think this is the issue - as Retool is correctly populating the OAuth callback URL field - but it's worth checking.
• Confirm that Auth0 itself is configured correctly by making a request to the authorization endpoint via curl or a tool like Postman.

If this issue still persists, it might make sense to join our scheduled Office Hours next week!

Confirming I have been running on 3.196.0-stable I've upgraded to 3.196.10-stable but the issue persists.

I can see in the URL that the redirect_uri is not set. If I set this, the auth flow test then works. I do not want to manually have to set this. In your reproduction, is that not the case?

Really at a loss for how to get a bug fix here. I'll join the office hours tomorrow to demonstrate my issue.

Thanks for the update, @John_Tracy. I'm starting to think your issue may actually be related to the thread that you previously linked (and recently bumped). Looking back at the internal conversation from back then, we also weren't able to reproduce that reported behavior. My attempted reproduction, which I've shared below, works as expected without any manual tweaks.

image1358×976 62.6 KB

This makes it particularly difficult to diagnose, especially in a self hosted environment. Hopefully we can shed some light on it if you join Office Hours.

I finally figured this out!

For this API resource, I had originally tried the Oauth2 native authentication method with Client Credentials grants. This method does not involve a redirect_uri being the Retool callback. I switched from Custom with Oauth2 type to Oauth2 then switched to Authorization Code grant type which sets the callback. Then switched back to Custom with Oauth2 and it finally worked.

The resource definitely should not persist this empty value in it's state in such a way that it overwrites it's current state.

Great find! I'll double check this and then update the relevant conversations internally so that we can get a fix out.