Set custom domain as redirect URL
Some Social Sign-in Providers such as Google or GitHub show the Redirect URL as part of the sign-in process. By default, Ory Network uses a redirect URL that points to the Ory Network domain:
This setting applies to all social sign-in providers (new and existing) and cannot be changed on a per-provider basis. So,
changing the base_redirect_uri
will break previously existing and functional social sign-in connections, because Ory Identities
will initiate the OIDC flow with the new redirect URL.
- Ory Console
- Ory CLI
To use a custom domain as the redirect URL, go to the OpenID Connect (OIDC) page and click Show advanced settings and add the domain to the Base Redirect URI.
To change the redirect URL to your custom domain, you need to update the base_redirect_uri
:
## List all available projects
ory list projects
## Add OIDC base redirect URI
ory patch identity-config <project-id> \
--add '/selfservice/methods/oidc/config/base_redirect_uri="https://ory.example.org"'
After changing the base redirect URI you need to update the redirect URL of social sign-in providers you want to use. This is done in the configuration of the social sign-in provider. To update an existing social sign in provider, follow these steps:
- Open the Ory Console and navigate to the social sign-in configuration screen.
- Choose the provider you want to fix and click on the configuration button.
- Copy the Redirect URI from the form.
- Replace the Ory Network URL
{project-slug}.projects.oryapis.com
with your custom hostname, such asory.example.org
. - Update the Redirect URI - also called Authorization callback URL - in the social sign-in provider configuration.
Make sure the Redirect URI matches the hostname you configured in the Ory Network configuration. For example when your custom
hostname is https://ory.example.org
, the Redirect URI needs to be https://ory.example.org
, not https://www.ory.example.org
or https://ory.example.org/
.