Thanks Alex. I went back and looked and it doesn't seem I can even turn that option on. Its set to First Party and when I try to set it to Third Party I get this:
So that doesn't really answer the question as to why fusion auth is redirecting to the "consent" endpoint. This process is kicked off via the normal "authorize" endpoint so I don't think email templates are in play either.
I have a Fusion Auth server working with an ASP.NET application. However, we are trying to use the same server with Azure Static Websites. I've followed their docs, however FusionAuth appears to be getting stuck in a redirect loop. The first odd thing that stands out is that fusion auth is redirecting from oauth2/authorize to oauth2/consent. I can't find documentation about this endpoint or why FusionAuth would do that.
The flow goes as follows:
[AzureStaticWebApp] -> [FusionAuth] oauth2/authorize -> [FusionAuth] oauth2/consent -> [AzureStaticWebApp] callback.
My fusion auth debug log says that the code has been exchanged successfully exchanged for an access token. But the redirect loop seems to say otherwise?
What is this oauth2/consent endpoint and why is fusion auth redirecting there? My best guess is that this is what's messing up the hand off with Azure Static Websites auth?
Any additional information would be helpful
Query String of the oauth2/authorize request
Query String of the oauth2/consent request
Query String of the 'callback` request
