Redirect Users After Login
To make your login process as easy-to-use and seamless as possible, you'll need to keep track of where you want to route users inside your application once Auth0 redirects users back to your application after authentication.
During a user's authentication, the
redirect_uri request parameter is used as a callback URL. This is where your application will receive and process the response from Auth0, and where the users will be redirected, once the authentication is complete.
Because callback URLs can be manipulated by unauthorized parties, Auth0 recognizes only whitelisted URLs set in the Allowed Callback URLs field of a Application's Settings as valid.
However the callback URL is not necessarily the same URL to which you want users redirected after authentication.
Redirect users to a non-callback URL
To redirect authenticated users to a URL that is not the callback URL, you can store the desired URL:
- In web storage (for single page apps, running on the browser), or
- In a a cookie (for regular web apps, running on the server)
You can then create the necessary logic in your application to retrieve the stored URL and redirect your users where you want.