One login app for multiple applications


I would like to setup a login app that allows the user to login and redirect to other applications.
The login app is a centralized login uses Auth0. Once logged in, the user will have the ability to

  1. Update their user profile
  2. Chose a url from a list of applications to redirect to.
  3. All applications are on the same domain

If the user tries to go the application directly and they’re unauthenticated, they should be redirected back to the login app.

Any direction in how to do that?


Hi @imad,

You could take a look at setting a single Allowed Callback URL for all applications, once the user is authenticated, they will be redirected back to the Callback URL so this could be your login app.
I recommend taking a look at our Quick Starts to see how / where to configure the Callback URL for your specific application.

Kind Regards,


Hi Nathan,

thanks for your response. So the “Allowed Callback” config for each application in Auth0 will be the login app callback url?


Hi @imad,

Yes, that is correct. This way all of your applications will return the user to the same Callback URL.

I hope that helps!


1 Like

Thanks Rueben,

when I configure the “Allowed Callback” url of the other calling application (basically pointing to the login callback url), I got the following error:

Callback URL mismatch.
The provided redirect_uri is not in the list of allowed callback URLs.

Am I missing a configuration?


Hi @imad,

Thank you for your response.

I suspect a misconfiguration with the redirect_uri of the login request or the list of Allowed Callback URLs.

Note that the error page should give you a small button to click See details for this error.

On the error details, you should be advised about a Callback URL mismatch with a URL that is not in the list of allowed callback URLs.

In this case, you will have to make sure that your application is calling one of the Allowed Callback URLs for your app. If this is correct, then please make sure your login request’s redirect_uri points to your callback URL.

For example:
Allowed Callback URL:

Login request:



This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.