Managing allowed callback urls for multiple subdomins

What is the best practice to manage login to one of my many subdomains. One subdomain represent a website a user can create on the fly by clicking on various templates. Many subdomain can belongs to one user.

I’m particulary interested in how to manage Allowed callback urls because now I use a Management API to dynamically create callback url for each created subdomain.
I’m thinking there must be a better way to manage these url records.
I’m not so familiar with organisations but I would like to use something like Organization URL placeholders but as i read it’s more for custoemrs not for customers’ individual websites.
It’s a but cumbersome to manage these callback urls, because any acsidental deletaion could lead to a website be unavailable. The fiels also tiny/short to observe the available callbacks.

Any guidance would be appreciated.