Set callback and redirect URLs
Get started
Add a custom domain for an organization
When you add a custom domain to an organization, it sets the domain URL for authentication to the custom domain, instead of a Kinde domain address. For example account.domain.com instead of domain.kinde.com.
It’s important to include a subdomain for this procedure to work. Common subdomain names include account , id , or auth, e.g. account.domain.com.
Kinde currently supports a single custom domain per organization.
Step 1: Add the custom domain to the organization
Link to this section- In Kinde, go to Organizations.
- Browse or search for the organization.
- In the list, select the organization to open the Details page.
- Select Custom domain in the menu.
- Select Add custom domain and enter the custom domain you want. Be sure to include the subdomain, e.g.
account.domain.com. - Select Save. The DNS details are generated. Use them to add DNS records to your domain provider site.
Step 2: Add DNS records to your domain provider site
Link to this sectionInstructions will vary depending on your domain provider. Here’s the general process.
- Sign in to your domain provider admin portal.
- Navigate to the page where you can add DNS records.
- Use the details provided by Kinde to add CNAME DNS records.
Step 3: Monitor for verification and SSL certificate provisioning
Link to this section- Open the individual organization record.
- Select Custom domains.
- The custom domain panel DNS records shows the current verification status. The verification process can take anywhere from a few minutes to a couple of hours. When it completes, the verification statuses will change. Here are the possible statuses you will see:
- Unverified
- Verification in progress
- Verified
- Verification failed (check that DNS records are correct on your domain provider site and try again).
- Unprovisioned
- Provisioning in progress
- Provisioned (SSL certificate issued)
- Provisioning failed
Step 4: Update provider social auth apps and codebase
Link to this sectionIf the organization’s users will use social authentication to sign in, update the provider apps such as Google or GitHub to include the custom domain callback (e.g. account.example.com/login/callback) as an authorized redirect URI. How you do this will be different for each provider you use.
Remember to also update your application’s codebase to reference the custom domain.
Troubleshoot custom domain issues
Link to this sectionIf you encounter any errors, such as the verification taking too long, re-check the DNS records you created on your provider site, to ensure the details are correct.
No subdomain
Link to this sectionIt’s important to include a subdomain for the procedure to work, e.g. account.domain.com. If you left out the subdomain, delete the custom domain in Kinde, re-add it using the subdomain, and add the newly generated DNS details to your provider records.
Tips for the DNS set up
Link to this sectionWhen you create the DNS records be sure to match the format and details provided in Kinde.
For example, if your custom domain is account.example.com, then:
Host = account
Record type = CNAME
Value = account.example.com
TTL = Leave as default
Routing policy = Leave as default
Using multi-level subdomains
Link to this sectionIf you are using a multi-level subdomain, like multi.subdomain.example.com, how you set up DNS records will depend on how your zones are set up.
The details provided in the admin console assumes the domain entered is adding a single level to your DNS zone, but if you are adding more than one level you’ll need to create others.
So if your business is multi.subdomain.example.com and your zone is example.com, you need to create a DNS entry for multi.subdomain, as well as for _acme-challenge.multi.subdomain.
Remove a custom domain for an organization
Link to this section- Open the Organization record in Kinde.
- Select Custom domain in the menu.
- In the custom domain details area, select the three dots menu and then select Remove custom domain. Respond to the confirmation message.