getCsrfToken Uses Commit URL on Branch Deployments and Causing CLIENT_FETCH_ERROR

[RojhatToptamus]

I'm running into an issue with NextAuth's getCsrfToken function on Vercel branch deployments. It seems to use the deployment URL (commit-based URL) instead of the branch URL(branc-name.vercel.app), which is causing CLIENT_FETCH_ERROR on branch links. Btw as recommended, the NextAuth URL is not defined on the Vercel deployments, but looks like it is using the wrong path on the fetchData which is called by getCsrfToken.

Error Details

[next-auth][error][CLIENT_FETCH_ERROR] 
https://next-auth.js.org/errors#client_fetch_error Unexpected token '<', "<!doctype "... is not valid JSON {
  error: {
    message: `Unexpected token '<', "<!doctype "... is not valid JSON`,
    stack: `SyntaxError: Unexpected token '<', "<!doctype "... is not valid JSON\n` +
      '    at JSON.parse (<anonymous>)\n' +
      '    at parseJSONFromBytes (node:internal/deps/undici/undici:4306:19)\n' +
      '    at successSteps (node:internal/deps/undici/undici:4288:27)\n' +
      '    at fullyReadBody (node:internal/deps/undici/undici:2724:9)\n' +
      '    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n' +
      '    at async consumeBody (node:internal/deps/undici/undici:4297:7)',
    name: 'SyntaxError'
  },
  url: 'https://ui-l5gbfntuh-my-project-name.vercel.app/api/auth/csrf',  // commit url this should be the branch link
  message: `Unexpected token '<', "<!doctype "... is not valid JSON`
}

Here's the authorization function:

 async authorize(credentials, req) {
    try {
      const signin_message = JSON.parse(credentials?.message || '{}');
      const siwe = new SiweMessage(signin_message);

      const result = await siwe.verify({
        signature: credentials?.signature || '',
        domain: req.headers!.host,
        nonce: await getCsrfToken({ req: { headers: req.headers } }),
      });
      console.log('result', result);
      if (result.success) {
        return { id: siwe.address };
      }
      return null;
    } catch (e) {
      console.error('ERROR: Authorization error:', e);
      return null;
    }
  },

I would appreciate any help on how to resolve this issue.