Redirect URI

A Redirect URI is an endpoint where Scalekit redirects users post-authentication with the Identity Provider (IdP). In the Scalekit dashboard, you can configure up to 5 redirect URIs per environment.

Since Redirect URIs can be manipulated by unauthorized parties, Scalekit requires pre-registration of all redirect URIs used in login flows. Registration can be done in the Scalekit dashboard.

Info: IdP-initiated SAML SSO flow: Scalekit uses your configured default Redirect URI to redirect users. Learn more about handling IdP-initiated SSO flows.

Validation Rules

Redirect URIs that are configured in the Scalekit dashboard must adhere to specific validation rules for security:

| Validation Rule | Development Environment | Production Environment |
| --- | --- | --- |
| Schemes supported | http, https | https |
| localhost | Allowed | Not Allowed |
| Wildcard support (*) | Allowed (see below for full details about wildcard character support) | Not Allowed |
| Max URI length | 256 characters | 256 characters |
| Query parameters, e.g. https://your-domain.com/callback?query=value | Not Allowed | Not Allowed |
| Fragment component, e.g. https://your-domain.com/callback#fragment=value | Not Allowed | Not Allowed |

Wildcard Character (*) in Redirect URIs

According to the OAuth 2.0 specification (section 3.1.2 of RFC 6749), a redirection URI must be an absolute URI. To make development and testing easier, this restriction is slightly relaxed in development environments.

For development, wildcards can simplify testing. However, they must follow these rules:

| Validation Rule | Examples |
| --- | --- |
| Wildcard characters are not allowed as a root-level domain | Invalid: https://*.com. Valid: https://*.acmecorp.com, https://auth-*.acmecorp.com |
| A redirect URI can have only one wildcard character | Invalid: https://*.*.acmecorp.com. Valid: https://*.acmecorp.com |
| Wildcard character must be located in a subdomain within the hostname component | Invalid: https://acmecorp.*.com. Valid: https://*.acmecorp.com |
| Wildcard must be part of the subdomain that is farthest from the root domain | Invalid: https://auth.*.acmecorp.com. Valid: https://*.auth.acmecorp.com |
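
The rules in both tables above can be checked before a URI is submitted for registration. The following is an added example, not Scalekit's own validator: the function name and error strings are hypothetical, and treating any wildcard host with fewer than three labels as a root-level wildcard is an assumption.

```python
from urllib.parse import urlsplit

MAX_LEN = 256  # "Max URI length" row of the validation table


def check_redirect_uri(uri: str, env: str) -> list[str]:
    """Return the rules a redirect URI breaks; an empty list means it passes.

    env is "development" or "production" (assumed labels for the two columns).
    """
    dev = env == "development"
    errors = []
    if len(uri) > MAX_LEN:
        errors.append("longer than 256 characters")
    parts = urlsplit(uri)
    if parts.scheme not in ({"http", "https"} if dev else {"https"}):
        errors.append(f"scheme {parts.scheme!r} not allowed")
    host = parts.hostname or ""
    if not host:
        errors.append("not an absolute URI")
    if host == "localhost" and not dev:
        errors.append("localhost not allowed")
    # Query and fragment are rejected in both environments, even when empty.
    if "?" in uri:
        errors.append("query parameters not allowed")
    if "#" in uri:
        errors.append("fragment not allowed")
    stars = uri.count("*")
    if stars and not dev:
        errors.append("wildcard not allowed")
    elif stars > 1:
        errors.append("more than one wildcard")
    elif stars == 1:
        labels = host.split(".")
        if "*" not in host:
            errors.append("wildcard outside hostname")
        elif "*" not in labels[0]:
            errors.append("wildcard must be in the leftmost subdomain")
        elif len(labels) < 3:  # assumption: "*.com"-style hosts are root-level
            errors.append("wildcard as root-level domain")
    return errors


if __name__ == "__main__":
    # URIs taken from the tables above, checked against the development rules.
    for sample in ("https://*.acmecorp.com", "https://*.com",
                   "https://auth.*.acmecorp.com", "http://localhost:3000/callback"):
        print(sample, "->", check_redirect_uri(sample, "development") or "ok")
```

The three-label check does not know about multi-part public suffixes such as `co.uk`; a stricter check would consult a public suffix list.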