Application configuration
Configure authentication and callback URLs for your Hanzo IAM applications.
After deploying Hanzo IAM and creating an organization, configure applications and their authentication settings.
This page explains how to configure application authentication using Hanzo IAM.
:::note
Example: Configuring a forum application using Casnode.
:::
Create an application and fill in the required configuration.
Select the organization you created so that users in that organization can access this application.
If your organization is named my_organization, select it from the drop-down menu.
To allow users to authenticate via Hanzo IAM when they sign up, set the Redirect URL to your application’s callback URL (e.g. https://your-site-url.com/callback).
:::caution
Callback URL vs Redirect URL
- The callback URL configured in the provider (e.g. GitHub, Google) must be Hanzo IAM’s callback URL:
http://your-iam-url.com/callback. - The Redirect URL configured in Hanzo IAM must be your application’s callback URL:
http://your-site-url.com/callback.
:::
How the flow works
- The user initiates sign-in and is sent to Hanzo IAM.
- Hanzo IAM uses the application’s Client ID and Client Secret to authenticate with the provider (e.g. GitHub, Google).
- After successful authentication, the provider redirects back to Hanzo IAM. The provider’s callback URL must be Hanzo IAM’s callback:
http://your-iam-url.com/callback. - Hanzo IAM then redirects to your application with the auth result. Hanzo IAM’s Redirect URL must be your app’s callback:
http://your-site-url.com/callback.
Verification Code Settings
Use Code resend timeout to control how long users must wait before requesting another verification code (email or SMS). The value is in seconds (default: 60) and sets the countdown shown on the login page. Set to 0 to use the global default.
:::tip
For finer control over sign-in methods (e.g. disabling or enabling specific methods), see Sign-in methods.
:::
How is this guide?
Last updated on