URL overview
This page provides an overview and examples for the different URL types used with Corbado.
Based on your application setup (e.g. does it have different URL / ports for frontend and backend) and the selected integration mode, different URLs need to be handled. See the following overview to get specific examples:
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
The full URL (incl. protocol & port, no path) that the user sees in the browser and from where JavaScript calls to Corbado are made.
Prod | Local |
|---|---|
https://www.my-application.com | http://localhost:8080 |
The location (incl. protocol, port & path) where the web component runs. For example, it’s used to correctly redirect users in email magic links.
Often, it’s on the same domain like the authorized origin.
Prod | Local |
|---|---|
https://www.my-application.com/login | http://localhost:8080/login |
Depending on your decision to use Corbado's session management or your own session management, the Redirect URL has different purposes.
In any case, the Redirect URL (incl. protocol, port & path) is the location where the user is redirect to after successful authentication.
If you use Corbado's session management, the Redirect URL receives a session token as cookie or header.
If you use your own session management, the Redirect URL is appended a
corbadoAuthToken as GET parameter (query string).Prod | Local |
|---|---|
https://www.my-application.com/logged-in
with corbadoAuthToken: https://www.my-application.com/logged-in?corbadoAuthTOken= 5FClU6XEWynC4dQ2W34LGERlHYGPe8PHs9zUhxgrSbVj9FNupp5lE5z4lMoRpDlP | http://http://localhost:8080/logged-in
with corbadoAuthToken: http://localhost:8080/logged-in?corbadoAuthToken= 5FClU6XEWynC4dQ2W34LGERlHYGPe8PHs9zUhxgrSbVj9FNupp5lE5z4lMoRpDlP:8080 |
The location (incl. protocl, port & path) where your preview runs.
It can be modified by adding a CNAME.
Prod | Local |
|---|---|
https://<project ID>.frontendapi.corbado.io
https://<CNAME> | https://<project ID>.frontendapi.corbado.io
https://<CNAME> |
THE CNAME DNS address (no protocol, port or path) that can be used instead of Corbado’s default Frontend API / hosted page URL. The CNAME needs to point to “<Project-ID>.frontendapi.corbado.io”.
Prod | Local |
|---|---|
login.my-application.com | login.my-application.com |
The location (incl. protocol, port & path) in your backend that receives calls from Corbado to handle existing users.
Prod | Local |
|---|---|
https://www.my-application.com/v1/corbado/webhooks | http://localhost:8080/v1/corbado/webhooks |
The Relying Party ID is the domain (no protocol, port or path) where passkeys are bound to. By default it will be set to
<project ID>.frontendapi.corbado.io. You can only use passkeys in a web component that runs in a matching domain of the Relying Party ID. Matching domains means that it's either the same or a subdomain of the Relying Party ID. Prod | Local |
|---|---|
pro-123456789.frontendapi.corbado.io or my-application.com | localhost |
Last modified 1mo ago