Configure callback urls with wildcard

bryan1 · June 11, 2020, 10:07pm

I am configuring Auth0 login for our development environments, and I would like to use a wildcard in “Allowed Callback URLs”, “Allowed Logout URLs”, “Allowed Web Origins”, and “Allowed Origins (CORS)”.

The url structure is http://api.$user.dev.com and http://app.$user.dev.com where “$user” is the username of the developer e.g. http://api.bryan.dev.com and http://app.bryan.dev.com.

I would like to set the allowed urls so they work for all users, but I’ve tried all possible combinations and none of them work:

http://api.*.dev.com
http://*.dev.com
http://*.*.dev.com
*.dev.com

Does anyone have other ideas about how to do this?

Thank you,
Bryan

markd · June 12, 2020, 11:32am

The requirements for wildcards in subdomains are pretty strict. Of the examples you provided, only the second one will work, and it will only match a single subdomain. There’s nothing built in to the service that supports this. I can imagine an app with sufficient permissions dynamically updating the allowed URLs but you’d have to build that yourself.

bryan1 · June 12, 2020, 5:15pm

Thanks for the response. Dynamically updating sounds a little brittle and too much effort. I’ll instruct devs to use a consistent url and update their /etc/host instead.

Topic		Replies	Views
Alows multiple callback urls Help configuration , application	2	1250	August 29, 2023
Dynamic Callback URLs with Wildcards Knowledge Articles callback , wildcard , callback-url	1	2817	September 14, 2022
Wildcard for callback urls Help callback	11	12241	December 21, 2022
Allowed web origins URLs doesn't work with wildcard Help configuration , application	4	1298	May 31, 2023
We would like to add wildcard URL for "callbacks" and "allowed_logout_urls" Help auth0	2	2827	May 25, 2022

Configure callback urls with wildcard

Related Topics