Allowed Callback URLs ending with a wildcard

vitalie.andries · July 23, 2017, 4:28pm

Looks like a value from Allowed Callback URLs is ignored

http://localhost/*

Is there a way to allow users to log in from any location from my site e.g.
instead of listing all of the possible pages (twice: prod and dev urls)?

Thank you

prashantT · July 29, 2017, 4:02am

As mentioned in the Client settings page:

You can use the star symbol as a
wildcard for subdomains
(‘*.google.com’). Make sure to specify
the protocol, http:// or https://,
otherwise the callback may fail in
some cases.

Wildcards are only allowed for the subdomain - the suggested way to handle multiple routes is to use a single callback route (e.g. /callback), end redirect to the desired route from within your application:

Store the following in localStorage: randomStateValue: ‘/profile’.
Pass randomStateValue as the state
parameter in the authentication
request.
Check the state value in
the callback, and retrieve the value
for randomStateValue from
localStorage.
Perform the redirect
from within your application.

Topic		Replies	Views
Wildcard Url's not matching in callback Help login , callback-urls , callback , wildcard , client-setup	3	7209	March 2, 2018
We would like to add wildcard URL for "callbacks" and "allowed_logout_urls" Help auth0	2	2827	May 25, 2022
Alows multiple callback urls Help configuration , application	2	1250	August 29, 2023
Wildcard for callback urls Help callback	11	12261	December 21, 2022
Callback URL wildcard to avoid explicit index.html? Help callback-urls , callback , wildcard	3	6131	March 2, 2018

Allowed Callback URLs ending with a wildcard

Related topics