This issue with the auth settings tripped me up last week and it took me hours to fix it.

I think there are two additional things we need with this PR:

1. We need to mention that the CV_FXA_DOMAIN, if it is using Auth0 as the identity provider, needs to have the URL not in double quotes.

2. In the sample .env-local-docker.example file, there are no values for:

• CV_FXA_DOMAIN
• CV_FXA_CLIENT_ID
• CV_FXA_CLIENT_SECRET

In trying to debug the auth settings last week, I found that I needed these settings, or I needed to explicitly disable auth in a .config file.

For someone new setting up a development environment, it's not intuitive.

I am proposing that:

The three values are added to .env-local-docker.example file

• CV_FXA_DOMAIN
• CV_FXA_CLIENT_ID
• CV_FXA_CLIENT_SECRET

as part of this PR, but their values are left blank. This is OK, because this PR updates the DEVELOPMENT.md instructions on how to use e.g. Auth0 as an identity provider, and I have left a comment about the URL not being in double quotes that we should document, too.

I am wondering - and @HarikalarKutusu I would appreciate your thoughts on this - should we create a .config file that has comments in it on how to disable authentication? So if someone just wants to set up a local dev environment it makes it easier to get to "first contribution" without worrying about authentication?

Could you please contact me via Matrix to talk about these?

Closing this @moz-kathyreid, please open another. I'll be around if you need support on Windows/WSL2 related issues/tests.