https://supabase.com/ logo
Join Discord
Powered by
How do I change the 'redirect_to' parameter that i...
# help
b
How do I change the 'redirect_to' parameter that is included at the end of the confirmation URL in an invitation by email process?
n
How do I change the 'redirect_to' parameter that is included at the end of the confirmation URL in an invitation by email process?
Hello @Bryan K.! This thread has been automatically created from your message in #843999948717555735 a few seconds ago. We have already mentioned the @User so that they can see your message and help you as soon as possible! Want to unsubscribe from this thread? Right-click the thread in Discord (or use the ``...`` menu) and select "Leave Thread" to unsubscribe from future updates. Want to change the title? Use the ``/title`` command! We have solved your problem? Click the button below to archive it.
j
@Bryan K. it is one of the options you pass to signUp: https://supabase.com/docs/reference/javascript/auth-signup
n
Bryan K. (2022-05-11)
b
@jaitaiwan I am using the invite() function, not signUp().
j
@Bryan K. inviteUserByEmail?
Ok cool. And the redirectTo option isn't working for you in that either?
b
No.
I passed... 
"data": "{"email": "zivbk1@gmail.com","redirectTo": "https://spoa.netlify.app/auth/resetpassword"}",
j
Is the url in redirectTo apart of your callback uri in the project settings?
b
Maybe I need the entire URL there and not just the domain portion?
"A comma separated list of exact URLs..."
j
Recently were some changs to how that stuff worked. For the invite and signup, I'd say that the site url has to have the same hostname in redirectTo
b
I tried adding the full URL as well and I get a link like this... 
https://xxxxxx.supabase.co/auth/v1/verify?token=xxxxxxxx&type=invite&redirect_to=https://www.skylineanacortes.org
Where the redirect_to parameter in that URL is set to the 'Site URL' shown in my settings screenshot above.
j
Is it 
redirect_to
or 
redirectTo
?
b
It says 
redirectTo
in the REST data payload, but it is 
redirect_to
in the confirmation URL link in the invitation email I get.
@jaitaiwan any other ideas to get this to work? I don't see how using the wildcards instead of a full exact URI would fix what I am trying to do.
j
I agree. Lets lay it out... You're triggering the invite on what url? redirectTo is set to what url? Project settings have what for additional redirect urls?
Just want to get the picture clear in my head
b
Endpoint URL: https://nygvctirftovmxxxxx.supabase.co/auth/v1/invite JSON Payload to the URL: 
{"email":"email@domain.com", "options":{"redirectTo":"https://spoa.netlify.app/auth/resetpassword"}}
Project settings now for redirects: shown in image.
The Invitation link in the email that I get: 
https://nygvctirftovmzkfgadg.supabase.co/auth/v1/verify?token=aoimambxnhxxxxxxxx&type=invite&redirect_to=https://spoa.netlify.app
Which is just the SiteURL, and not the 
redirectTo
that I pass in the JSON body.
The user shows up in the Auth Users table, so that part is working, but the 
redirect_to
URL parameter is incorrect in the link above.
j
Just for giggles... can you try removing the comma and the second link in the additional redirect urls area?
b
Ok, testing
@jaitaiwan no luck, same thing. redirect_to in the URL is the base url and not the 'redirectTo' value I am passing.
I have just found something about 'POST' requests do not allow the redirectTo param to be set?
j
POST requests?
Hmm
Can you check the SPA's localStorage?
b
j
It's possible it will redirect to the root url and then on from there
b
But the URL in the link is to 
https://nygvctirftovxxxxx.supabase.co/auth/v1/verify
j
What I'm trying to hint at here, is that perhaps the full redirect path is stored in localStorage. So after verification it only redirects the host and then once back there localStorage is read to find out where the final location should be. Just a thought
Easy way is to check session and localstorage to see what's in there
b
I'm not calling invite from the application. I am calling it in a server-side automation script.
I'll check the localstorage, but I don't open a browser in the process until I am clicking the link in the email that leads to the verify endpoint.
@jaitaiwan No cookies, session or local storage.
I am wondering if instead of using the invite by email function, I should just use the script to create users in the system and then just send them an email outside of Supabase auth that gives them a temporary random password to login with and then provide them with a link in the email to go change their password. This would totally bypass depending on the 
redirectTo
feature to work.
Yeah, I think I need to not depend on that and try a different approach.
Notice that the POST 
/invite
endpoint doesn't show anything other than passing the email. https://supabase.com/docs/gotrue/server/about#post-invite
I'm going to leave this open overnight to see if anyone else can verify the findings and close it tomorrow if not.
b
I'm just catching up with this entire thread, so forgive me if I've missed something....
But redirect URLs need to be whitelisted explicitly in the dashboard in order to be called via 
redirectTo
.
HOWEVER....
There's a brand new feature available (documentation should be coming very very shortly) where you can wildcard a URL in the dashboard using globbing syntax.
So you can add a * to your redirect urls in the dashboard, such as https://google.com/*
shoot, the ** did not show up there, LOL
add a ** to the end of that URL and that'll "wildcard" that URL
as in https://google.com/(asterisk)(asterisk) 
https://google.com/**
b
This is VERY helpful.
b
👍 amen
PreviousNext
Powered by