Auth0 Home Blog Docs

RedirectUrl rules (Redirect to a specific page according to user)

redirect-rules
redirect

#1

Great job on Auth0, it gets better and better the more I delve deeper.

Here’s my question:
Is it possible to redirect according to the login email address?
Example:

(Same auth0 client and database. It doesn’t matter if I use the Centralized login or Embedded login.)


#2

Redirects are almost like layers of abstraction… you can always have one more (sometimes at the cost of increased complexity) so technically, yes, you can achieve that.

A few things to have in mind is that the OIDC/OAuth 2.0 authentication that you’re likely relying already defines some redirects in order to complete the authentication flow and those redirects have to follow some rules. In particular, a client application needs to specify a redirect URL that was previously registered (white-listed) with the authorization server, otherwise, the request fails.

The above implies that if you want to redirect each user to a different URL the only way to accomplish this within the OIDC/OAuth2 redirects would be to register them all; this would likely not scale so the recommendation would be that your client application has a central redirect URL used for OIDC/OAuth2 authentication and then upon successful authentication performs a final redirect based on the end-user that just completed authentication.


#3

Is there some doc article that you recommend on this subject?


#4

There is this documentation page, but I think is more aimed at other scenarios where the final redirect is not so much based on an end-user, but instead contextual to what they were doing before authentication.


#5

Quick question: is it safe to expose the clientID?

I’m using the following URL form to get the centralized login page:

https://AUTH0_DOMAIN//login?client=CLIENT_ID


#6