Change redirect-back-to-app url parameters?

We are using Auth0’s emails for confirmation and password reset. When a user clicks the links in these emails, they are directed to Auth0’s domain (in the case of password reset) and redirected to our website with an email url parameter.

This used to be just fine, but now Google analytics is hounding us for putting “user information” in our urls. Is there a way to change or remove these url parameters to comply with what they’re asking for?

1 Like

We are currently looking into this internally and will have an update in the next few days.

It’s not possible to change or remove the parameters purely through configuration. However, this situation (of including the email in the query string) is being tracked and planned to be addressed in the future, however, at this time, I can’t provide any definitive information about any timelines.

The currently available workarounds are not to configure a redirection URL or configure a redirect URL that is solely under your control and that does not expose the information to third-parties. This redirect URL could still perform an additional redirection, but now without including the information that causes the issue with the third-party (Google).

Any updates on this? We have the same problem.


There are no changes to this situation so at this point you either need to avoid the redirection URL or use a redirection URL that is not in scope of your Google Analytics implementation.