Is this related to a new or existing framework?
Next.js
Is this related to a new or existing API?
Authentication
Is this related to another service?
No response
Describe the feature you'd like to request
Support dynamic redirect after sign-in to return users to their originally requested page.
Currently, createAuthRouteHandlers only supports a static redirectOnSignInComplete value:
createAuthRouteHandlers({
redirectOnSignInComplete: '/dashboard', // Always redirects here
})This means users always land on the same page after sign-in, regardless of where they were trying to go. For example:
- User tries to access
/settings/profile
- Gets redirected to sign-in
- After successful sign-in, lands on
/dashboard instead of /settings/profile
This is a common UX pattern that most authentication libraries support out of the box (NextAuth.js callbackUrl, Auth0 returnTo, Clerk, etc.).
Describe the solution you'd like
Support a redirectTo query parameter on the sign-in endpoint:
/api/auth/sign-in?redirectTo=/settings/profile
After successful authentication, the user should be redirected to /settings/profile instead of the static redirectOnSignInComplete value.
Usage in middleware would be:
// middleware.ts
if (!authenticated) {
return NextResponse.redirect(
`/api/auth/sign-in?redirectTo=${encodeURIComponent(request.nextUrl.pathname)}`
);
}Security considerations:
- Only allow relative paths (reject absolute URLs to prevent open redirect attacks)
- Fall back to
redirectOnSignInComplete if redirectTo is not provided or invalid
Describe alternatives you've considered
-
User-managed cookies: Store the return URL in a cookie before redirecting to sign-in, then read it after sign-in and redirect manually. This works but requires users to handle cookie management (security attributes, expiration, cleanup) and implement open redirect protection themselves.
-
Client-side redirect: After sign-in, land on a page that reads a query parameter and does router.replace(). This adds an extra redirect hop and requires coordination between middleware and the landing page.
Both alternatives push complexity onto users for what is a very common use case.
Additional context
No response
Is this something that you'd be interested in working on?
Is this related to a new or existing framework?
Next.js
Is this related to a new or existing API?
Authentication
Is this related to another service?
No response
Describe the feature you'd like to request
Support dynamic redirect after sign-in to return users to their originally requested page.
Currently,
createAuthRouteHandlersonly supports a staticredirectOnSignInCompletevalue:This means users always land on the same page after sign-in, regardless of where they were trying to go. For example:
/settings/profile/dashboardinstead of/settings/profileThis is a common UX pattern that most authentication libraries support out of the box (NextAuth.js
callbackUrl, Auth0returnTo, Clerk, etc.).Describe the solution you'd like
Support a
redirectToquery parameter on the sign-in endpoint:After successful authentication, the user should be redirected to
/settings/profileinstead of the staticredirectOnSignInCompletevalue.Usage in middleware would be:
Security considerations:
redirectOnSignInCompleteifredirectTois not provided or invalidDescribe alternatives you've considered
User-managed cookies: Store the return URL in a cookie before redirecting to sign-in, then read it after sign-in and redirect manually. This works but requires users to handle cookie management (security attributes, expiration, cleanup) and implement open redirect protection themselves.
Client-side redirect: After sign-in, land on a page that reads a query parameter and does
router.replace(). This adds an extra redirect hop and requires coordination between middleware and the landing page.Both alternatives push complexity onto users for what is a very common use case.
Additional context
No response
Is this something that you'd be interested in working on?