Redirect URLs

Overview

When using passwordless sign-ins or third-party providers, the Datafuse client library methods provide a redirectTo parameter to specify where to redirect the user to after authentication. By default, the user will be redirected to the SITE_URL but you can modify the SITE_URL or add additional redirect URLs to the allow list. Once you've added necessary URLs to the allow list, you can specify the URL you want the user to be redirected to in the redirectTo parameter.

To edit the allow list, go to the URL Configuration page. In local development or self-hosted projects, use the configuration file.

Use wildcards in redirect URLs

Datafuse allows you to specify wildcards when adding redirect URLs to the allow list. You can use wildcard match patterns to support preview URLs from providers like Netlify and Vercel.

The separator characters in a URL are defined as . and /. Use this tool to test your patterns.

Redirect URL examples with wildcards

Netlify preview URLs

For deployments with Netlify, set the SITE_URL to your official site URL. Add the following additional redirect URLs for local development and deployment previews:

• http://localhost:3000/**
• https://**--my_org.netlify.app/**

Vercel preview URLs

For deployments with Vercel, set the SITE_URL to your official site URL. Add the following additional redirect URLs for local development and deployment previews:

• http://localhost:3000/**
• https://*-username.vercel.app/**

Vercel provides an environment variable for the URL of the deployment called NEXT_PUBLIC_VERCEL_URL. See the Vercel docs for more details. You can use this variable to dynamically redirect depending on the environment. You should also set the value of the environment variable called NEXT_PUBLIC_SITE_URL, this should be set to your site URL in production environment to ensure that redirects function correctly.

const getURL = () => {
  let url =
    process?.env?.NEXT_PUBLIC_SITE_URL ?? // Set this to your site URL in production env.
    process?.env?.NEXT_PUBLIC_VERCEL_URL ?? // Automatically set by Vercel.
    'http://localhost:3000/'
  // Make sure to include `https://` when not localhost.
  url = url.startsWith('http') ? url : `https://${url}`
  // Make sure to include a trailing `/`.
  url = url.endsWith('/') ? url : `${url}/`
  return url
}

const { data, error } = await datafuse.auth.signInWithOAuth({
  provider: 'github',
  options: {
    redirectTo: getURL(),
  },
})

Email templates when using redirectTo

When using a redirectTo option, you may need to replace the {{ .SiteURL }} with {{ .RedirectTo }} in your email templates. See the Email Templates guide for more information.

For example, change the following:

<!-- Old -->
<a href="{{ .SiteURL }}/auth/confirm?token_hash={{ .TokenHash }}&type=signup">Confirm your mail</a>

<!-- New -->
<a href="{{ .RedirectTo }}/auth/confirm?token_hash={{ .TokenHash }}&type=signup"
  >Confirm your mail</a
>

Mobile deep linking URIs

For mobile applications you can use deep linking URIs. For example, for your SITE_URL you can specify something like com.datafuse://login-callback/ and for additional redirect URLs something like com.datafuse.staging://login-callback/ if needed.

Read more about deep linking and find code examples for different frameworks here.

Error Handling

When authentication fails, the user will still be redirected to the redirect URL provided. However, the error details will be returned as query fragments in the URL. You can parse these query fragments and show a custom error message to the user. For example:

const params = new URLSearchParams(window.location.hash.slice())

if (params.get('error_code').startsWith('4')) {
  // show error message if error is a 4xx error
  window.alert(params.get('error_description'))
}