This page provides an overview and examples for the different URL types used with Corbado.
Based on your application setup (e.g. does it have different URL / ports for frontend and backend) and the selected integration mode, different URLs need to be handled. See the following overview to get specific examples:
The location (incl. protocol, port & path) where the web component runs. For example, it’s used to correctly redirect users in email magic links.
Often, it’s on the same domain like the authorized origin.
Depending on your decision to use Corbado's session management or your own session management, the Redirect URL has different purposes.
In any case, the Redirect URL (incl. protocol, port & path) is the location where the user is redirect to after successful authentication.
If you use Corbado's session management, the Redirect URL receives a session token as cookie or header.
If you use your own session management, the Redirect URL is appended a
corbadoAuthTokenas GET parameter (query string).
The location (incl. protocl, port & path) where your preview runs.
It can be modified by adding a CNAME.
THE CNAME DNS address (no protocol, port or path) that can be used instead of Corbado’s default Frontend API / hosted page URL. The CNAME needs to point to “<Project-ID>.frontendapi.corbado.io”.
The location (incl. protocol, port & path) in your backend that receives calls from Corbado to handle existing users.
The Relying Party ID is the domain (no protocol, port or path) where passkeys are bound to. By default it will be set to
<project ID>.frontendapi.corbado.io. You can only use passkeys in a web component that runs in a matching domain of the Relying Party ID. Matching domains means that it's either the same or a subdomain of the Relying Party ID.