Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

image.png

Hi, we are using oauth, but want to set some custom rules, in our case we have a couple different apps that are getting authed through the same auth page. The apps create the auth url like on screenshot below and send it to ory to generate the challenge and start the auth flow. So all apps set the redirect_uri to the page the user is currently on (with path and everything). But we want to do some changes to the redirect uri after that based on some conditions.

• New registrations:
    ◦ redirect_uri points to first app
        ▪︎ ignore redirect_uri set, forward to a new a path
        ▪︎ an exception if path is xx, in that case follow the redirect
    ◦ redirect_uri points to any other app
        ▪︎ follow the redirect
• Logins:
    ◦ keep as is
Is this possible to do somehow?