OAuth apps require exact callback URL matches, making multi-host setups tricky. Caddy Security's redirect_url parameter solves this by centralizing the OAuth flow on a single auth domain, then redirecting users back to their originating virtual host. The approach requires one authorization policy per virtual host, each specifying its own redirect_url pointing back to the respective app domain.
Sort: