my site: gemsim.net
I have set up a tenant in Auth0 dashboard, installed Netlify Auth0 extension and created environment variables (AUTH0_CLIENT_ID, GEM_SIM_AUTH0_DOMAIN) in Netlify console. I also added these env var to .env for local dev.
I wrapped my app (main.tsx) with Auth0Provider
as described in this doc:
createRoot(document.getElementById('root')!).render(
<StrictMode>
<Auth0Provider
clientId={import.meta.env.AUTH0_CLIENT_ID}
domain={import.meta.env.GEM_SIM_AUTH0_DOMAIN}
authorizationParams={{
redirect_uri: window.location.origin
}}
>
<BrowserRouter>
<Routes>
<Route path="/" element={<App />} />
<Route path="/playground" element={<Playground />} />
</Routes>
</BrowserRouter>
</Auth0Provider>
</StrictMode>,
)
When run netlify dev
, I see those env var were injected:
◈ Injected site settings env var: AUTH0_AUDIENCE
◈ Ignored site settings env var: AUTH0_CLIENT_ID (defined in .env file)
◈ Injected .env file env var: AUTH0_CLIENT_ID
◈ Injected site settings env var: AUTH0_ISSUER_BASE_URL
◈ Injected site settings env var: GEM_SIM_AUTH0_CLIENT_ID
◈ Ignored site settings env var: GEM_SIM_AUTH0_DOMAIN (defined in .env file)
◈ Injected .env file env var: GEM_SIM_AUTH0_DOMAIN
...
However, user login failed, and the env vars were not defined when used in the code, e.g., request URL:
https://undefined/authorize?scope=openid+profile+email&redirect_uri=…
Adding REACT_APP_ prefix to the env var name didn’t help.
If I define the Auth0 client ID and domain directly in my code without using env var, it works. However, it failed to build in deploy:
12:38:33 PM: Secret env var "AUTH0_CLIENT_ID"'s value detected:
found value at line 24236 in dist/assets/index-BUI79PF1.js
12:38:33 PM: found value at line 10 in src/main.tsx
12:38:33 PM: Secret env var "GEM_SIM_AUTH0_DOMAIN"'s value detected:
found value at line 24236 in dist/assets/index-BUI79PF1.js
12:38:33 PM: found value at line 9 in src/main.tsx
12:38:33 PM:
12:38:33 PM: To prevent exposing secrets, the build will fail until these secret values are not found in build output or repo files.
How to use the env var for Auto0 secrets so it works in local dev and also for deploy?