K
Kinde2mo ago
Adam Tkaczyk

Redirect URL for multi-tenancy app

Another issue, but I'll start a separate thread for that, because they are unrelated. Context: I’m building a multi-tenancy, white-label app. It's an education platform, B2B2C model. I have a platform, where creators (mentors, teachers) can prepare a course. One teacher can have multiple courses. Students can have access to just part of them, but across many organisations (tenants). There is also a student portal, where students can login, if they are invited to (like edu.example1.com, med.example2.dev). I'm using NextJS. The issue is: 1. If we have one tenant under edu.example1.com 2. Second under med.example2.dev (!) What should be the KINDE_SITE_URL then? I cannot set it for one URL only, because I'll have edu.example1.com, med.example2.dev etc. And is there an easy way to setup redirect URL to the given tenant after login? So if I started from med.example2.dev, I should land on med.example2.dev after auth process.
6 Replies
Abdelrahman Zaki - Kinde
Abdelrahman Zaki - Kinde2mo ago
Hi @Adam Tkaczyk, thanks for the context. Just to clarify, could you let us know where the app is currently deployed?
Adam Tkaczyk
Adam TkaczykOP2mo ago
What exactly do you need to know? It's my dev env, single instance of app, GCP Cloud Run
top kek
top kek2mo ago
after the callback you can do whatever you want, you’re free to redirect the user to another subdomain! look at what im doing in my codebase in the /auth/callback handler: 
    await client.handleRedirectToApp(manager, new URL(request.url));

    const companySlug = await client.getClaimValue(manager, 'external_org_id', 'access_token');
    if (typeof companySlug !== 'string') {
        console.error('Access token missing external_org_id claim');
        throw badRequestError('You are not signing in to any company.');
    }

    const redirectUrl = await manager.getSessionItem('redirect_url');
    if (typeof redirectUrl === 'string') {
        await manager.removeSessionItem('redirect_url');
        if (redirectUrl.startsWith(`/${companySlug}`)) {
            return redirect(redirectUrl, { headers: await getHeaders() });
        }
    }

    const postLoginUrl = urlFrom(request, companySlug);
    return redirect(postLoginUrl.toString(), { headers: await getHeaders() });
    await client.handleRedirectToApp(manager, new URL(request.url));

    const companySlug = await client.getClaimValue(manager, 'external_org_id', 'access_token');
    if (typeof companySlug !== 'string') {
        console.error('Access token missing external_org_id claim');
        throw badRequestError('You are not signing in to any company.');
    }

    const redirectUrl = await manager.getSessionItem('redirect_url');
    if (typeof redirectUrl === 'string') {
        await manager.removeSessionItem('redirect_url');
        if (redirectUrl.startsWith(`/${companySlug}`)) {
            return redirect(redirectUrl, { headers: await getHeaders() });
        }
    }

    const postLoginUrl = urlFrom(request, companySlug);
    return redirect(postLoginUrl.toString(), { headers: await getHeaders() });
Abdelrahman Zaki - Kinde
Abdelrahman Zaki - Kinde2mo ago
Hi @Adam Tkaczyk, just checking in, did the suggestion above help with your setup? Let us know if you have any questions or if you'd like help adapting it to your use case.
Adam Tkaczyk
Adam TkaczykOP2mo ago
Hi, already implemented the auth I needed on my own 😅
Daniel
Daniel2mo ago
Got it, glad to hear you’ve got it working. Feel free to reach out anytime if you run into anything else.

Did you find this page helpful?