For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Contact UsSign In
HomeIntegrationsGuidesBrand Assets
HomeIntegrationsGuidesBrand Assets
  • Supported Applications
    • Overview
    • Shopify
    • Azure
  • Configurations
    • Overview
    • Configuration Standards
      • Redirect URIs
      • Language Localization
      • Privacy & Terms of Service
      • Authorization Duration
      • Token Expiration
      • Session Length
  • Deploy and Monitor
    • Overview
    • Quality Assurance Testing
    • Launching in Production
    • Monitoring Performance
    • Conversion Tracking
    • Help
  • Sample Code
    • Overview
  • Terms of Service
    • Developers
    • Partners
LogoLogo
Contact UsSign In
On this page
  • What you need to know
  • Best practices
  • Redirect URI configuration
ConfigurationsApplications

Redirect URIs

Was this page helpful?
Edit this page
Previous

Language localization

Next
Built with

Redirect URIs are a required part of any OAuth 2.0 or OpenID Connect integration. After a user completes the authorization flow, ID.me redirects them back to your application using the specified redirect_uri. This URI may include sensitive information, so it’s critical that redirection only occurs to trusted, pre-configured locations.

What you need to know

  • A redirect_uri must be configured and included in the authorization request to begin the OAuth or OIDC flow
  • You can register multiple redirect URIs per application, but keep the list as limited as possible to reduce complexity and risk
  • Wildcards (*) and URI fragments (#) are not supported
  • Avoid using query parameters in the redirect URI, as they may not be handled predictably across identity flows
  • The maximum character limit is 255

Properly managing your redirect URIs helps secure your integration and ensures reliable user redirection back to your application

Best practices

To help keep your application secure, configure your redirect URIs as static callback URLs. These should only allow the following parameters:

Authorization code flow

  • code
  • state
  • id_token (if applicable)

Redirect URI configuration

You can update and manage your redirect URIs directly from the developer dashboard by following these steps:

1

Login to the ID.me developer portal

2

Select View Applications

3

Select your application and select Continue

4

Select Edit and scroll down to update your redirect URIs

To configure a localhost or ngrok URI for development, please contact your ID.me solution consultant or email partnersupport@id.me