Is it supported to use an Auth0 custom domain for Universal Login (login.brand.fit) while using a different domain (brand.fit) for Android App Links redirect ca

Get Help
,
1

We are implementing authentication in a React Native Android mobile app using a hosted login page with a custom authentication domain.

Our setup looks like this:

  • Hosted login domain:
    https://login.example.com

  • Mobile deep link domain:
    https://example.com

The mobile app starts authentication using the hosted login page on the custom auth domain.
After login, the user should be redirected back to the app using an HTTPS deep link like:

https://example.com/android/com.example.app/callback

Android App Links are configured for this domain, and the verification file is hosted at:

https://example.com/.well-known/assetlinks.json

This is required because we cannot host verification files on the authentication domain.

Question

Is it a supported or recommended approach to:

  • use the authentication domain for the hosted login page

  • and a different domain for the mobile redirect/deep link

Are there any additional configuration steps required to support this architecture?

We want to ensure this setup follows recommended best practices for mobile authentication flows.

2

Hello!

Those do not need to be the same host. Auth0 only requires that the redirect_uri you send in the authorization request is registered as an Allowed Callback URL, and that it matches exactly. Auth0 also recommends using claimed HTTPS callback URIs like Android App Links for native apps rather than custom URI schemes.

1 Like
4

Hi @ansabvk122

Welcome to the Auth0 Community!

As @JFoxUK mentioned, you would be required to configure the necessary domain/links under the Allowed Callback URLs list in the Auth0 Application’s settings.

Since you mentioned that you are using React Native, an additional thing you need to consider is that traditionally, the redirectUri uses the predefined Auth0 domain. Just make sure that you are passing the correct redirectUri in your authorization requests.

If you have any other questions, let me know!

Kind Regards,
Nik

5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.