Feature: Better documentation for Allowed Callback URLs
Description: The guidance under Allowed Callback URLs does not mention that " The application.callback_domain
variable will contain the origin of the first URL listed in the application’s Allowed Callback URL list. This lets you redirect users to a path of the application that triggered the action by using a syntax like this:"
Use-case: We had an issue where after password reset, the user was being redirected to the auth0 home page instead of our application home page due to this strange convention. It took us a long time to figure out that the solution was to change the order of callback urls (our callback url in the email template was set to application.callback_domain). This information was listed in Customize Email Templates, but it would be good to include it in the Allowed Callback URLs section to ensure users are aware of the implications of changing the order of URLs in this list.