Not able to add a wildcard path to the callback url


We offer a B2B multi-tenant SaaS software to our customers.


  1. All the customers have whitelisted domains
  2. Login can be initiated on any page of the domain.

We are using one tenant for all the customers and one app per customer. Using rotating refresh tokens and local storage to circumvent the issue that would happen when third-party cookies are blocked. by default.

However, we facing a challenge to check complete passwordless authentication from any page. The authentication is successful if we exactly add the URL, like, however, if we have to initiate the authentication from, and it’s not added in the callback URL, the SDK throws an error saying “There was an error fetching the SSO data.”

We want to able to initiate authentication from any pages of our platform, without adding each and every URL to the callback URLs, because the list keeps increasing as more content gets created on the platform.

How do we achieve this with auth0?