I’m using okta login with Express. When I run it on a server, it does call the loginCallback function that I specify on new ExpressOIDC config. But when I use the same okta app on another server, it’s not being called, instead after login it shows a 404 saying that loginCallback path does not exist. I create a loginCallback to handle the redirect, but then I have no access to req.userContext.

const oidc = new ExpressOIDC({
    issuer: "{issuer}",
    client_id: "{client_id}",
    client_secret: "{client_secret}",
    appBaseUrl: "http://localhost:3000",
    redirect_uri: "http://localhost:3000/loginCallback",
    scope: "openid email profile",
    routes: {
      loginCallback: {
        path: "/loginCallback",
        handler: (req, res, next) => {
          console.log("req", req.userContext.tokens);

Above code is not ran in an app but it’s on the other.

server.get('/loginCallback', async (req, res, next) => {
    console.log("here!", req);

above code runs but can’t userContext obj


  1. when you run on the servers (not localhost) are you binding to an SSL port (https)?
  2. when you run on the server is the application running in the app servers root context or a sub context? (ie https://server/myapp vs https://server/sub/myapp)