Auth0 · Schema

ClientRedirectionPolicyEnum

Controls whether Auth0 redirects users to the application's callback URL on authentication errors or in email verification flows. `open_redirect_protection` shows an error page instead of redirecting, and hides the callback domain from email templates. `allow_always` enables standard redirect behavior. Defaults to `open_redirect_protection` for third-party clients. Only applies when `is_first_party` is `false` and `third_party_security_mode` is `strict`. To learn more, read Redirect protection.

AI AgentsAuthenticationAuthorizationFGAIdentity ManagementMCPOAuthOktaOpenID ConnectSAMLSecuritySCIM
View JSON Schema on GitHub

JSON Schema

auth0-clientredirectionpolicyenum-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/ClientRedirectionPolicyEnum",
  "title": "ClientRedirectionPolicyEnum",
  "type": "string",
  "description": "Controls whether Auth0 redirects users to the application's callback URL on authentication errors or in email verification flows. `open_redirect_protection` shows an error page instead of redirecting, and hides the callback domain from email templates. `allow_always` enables standard redirect behavior. Defaults to `open_redirect_protection` for third-party clients. Only applies when `is_first_party` is `false` and `third_party_security_mode` is `strict`. To learn more, read <a href=\"https://auth0.com/docs/get-started/applications/third-party-applications/security-controls#redirect-protection\">Redirect protection</a>.",
  "enum": [
    "allow_always",
    "open_redirect_protection"
  ],
  "x-release-lifecycle": "GA"
}