Integration Reference
Next ReasonNext Reason CareersNext Identity Status

Allowed Redirect URI Formats

An in-depth guide to setting up return and logout URLs on our platform, clarifying supported formats, character restrictions, and addressing common queries for efficient user redirection.

This comprehensive guide provides detailed instructions on the best practices and acceptable formats for setting up return and logout URLs on our platform. From defining the permitted and disallowed URL schemes to outlining character limitations, this guide is invaluable for users looking to enhance their configuration process.

URI Formats Supported

Our system supports the following URI schemes:

  • HTTP
  • HTTPS
  • Custom mobile schemes

Please note that some URI formats, such as mailto\:, are not supported.

Usage of 'Localhost' in URIs

The usage of localhost in the URIs is supported.

Including Query Parameters in URIs

Query parameters can be included in the URIs. Please note that our system validates the entire URL, excluding the parameters, both in the Hosted Journeys and API.

Character Restrictions in URIs

URIs on our platform should consist of alphanumeric characters, special characters, and a few others, following certain rules:

  • Allowed: Alphanumeric characters (English alphabet) and some special characters are permitted in the URI without encoding.
  • Require Encoding: Special characters such as backslashes, hyphens, accented letters, and non-English characters must be percent-encoded.
  • Disallowed: White space characters are not supported in the URI and must be encoded.

For example, a space can be encoded as %20, a backslash as %5C, and a hyphen as %2D.

URI Length Guidelines

For optimal compatibility and system performance, we recommend that the total length of the full URL, including the redirect URI and any additional parameters, not exceed 2048 characters. This recommendation aligns with industry standards and the typical maximum length most browsers can effectively handle.

Please note if the redirect URI alone approaches or exceeds this length, the likelihood increases that a browser may truncate the full URL, potentially causing issues with the request. Therefore, while the 2048 character limit is not a hard restriction, it serves as a guideline to ensure smooth functionality and prevent potential issues.

Restrictions in URI Formats

No Support for Wildcards in URIs

❌ Wildcards (*) are not permitted in URIs. The redirect URI must be an exact match with what is included in your allow list. If you wish to include specific URL path information for a user journey, we recommend using the state parameter. More information can be found in this guide.

Handling URIs in Hosted Journeys & API

There is no difference between the treatment of redirect_uri or post_logout_redirect_uri values in Hosted Journeys and API. Both adhere to the same restrictions and validations as mentioned in this guide.

Seeking Further Assistance

For more specific questions or assistance, please get in touch with our support or onboarding team, who are ready to assist you. Remember also to consult our external integration documents.