https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> Whenever a user sets up their accou...
# ory-copilot
f
@chilly-king-10285 Whenever a user sets up their account via a recovery link, how can I redirect them back to a certain domain after they do so? I don't want to use the default browser redirect setting as I want to redirect different users to different domains after that flow
b
A message from kapa.ai
When a user recovers their account, you can control where they're redirected after completing the recovery flow by using the 
return_to
query parameter. This allows you to dynamically specify different redirect destinations for different users without relying on the default browser redirect settings. ## Using the 
return_to
parameter You can specify a custom redirect URL when initiating the recovery flow by adding the 
return_to
parameter to your recovery flow initialization:
Copy code
javascript ory   .createBrowserRecoveryFlow({     returnTo: String(returnTo || ""),   })
This approach allows you to programmatically set different redirect URLs for different users based on your application logic [Github Issue #2371](https://github.com/ory/kratos/issues/2371). ## How recovery flow redirection works The recovery flow has a specific redirection pattern: 1. User initiates recovery flow (with your custom 
return_to
parameter) 2. Email is sent with a recovery link or code 3. User completes recovery by submitting the code or clicking the link 4. User gets a session and is redirected through the settings flow 5. User submits the settings flow with an updated password 6. User is redirected to the URL specified in the 
return_to
parameter The 
return_to
URL persists across the recovery-to-settings flow transition, which is important since recovery flows typically transition to settings flows [Ory Docs: Advanced Integration](https://www.ory.sh/docs/kratos/bring-your-own-ui/custom-ui-advanced-integration). ## Multiple domains consideration If you're using multiple custom domains, you might need to handle the redirect URLs dynamically in your code. As noted in an open issue, the current Ory Network configuration doesn't allow setting different redirect configurations per custom domain [Github Issue #374](https://github.com/ory/network/issues/374). A common workaround is to set the 
return_to
value dynamically in your code based on where the code is running, which allows you to handle different domains appropriately. Remember that any domain you use with 
return_to
must be whitelisted in your Ory configuration under 
selfservice.allowed_return_urls
to prevent open redirect attacks.
28 Views
Open in Slack
PreviousNext
Powered by