Maintaining OAuth/PKCE Flow During Email Verification in FusionAuth Mobile Apps
-
I’m trying to fine-tune our user registration flow so that, after verifying their email, users are deep-linked back into our mobile app. Ideally, I’d like them redirected to the login redirect URI monitored by the OS so the native web browser window used for OAuth/PKCE can close automatically. Right now, this isn’t working as expected. If I hard-code my login redirect URI into the email verification template, it errors out because the OAuth/PKCE code is missing. How can I achieve this with FusionAuth?
-
Good question—it’s a common challenge.
By default, the email verification flow breaks the OAuth/PKCE context because the user leaves the registration page to check their email and clicks a verification link. FusionAuth can’t continue the OAuth flow automatically from that email link, which is why your hard-coded redirect URI fails without the required OAuth code.
A better solution is to switch your email verification strategy from Clickable Link to Form Field (under Tenant → Email → Email Verification → Verification Strategy). With this approach, users stay on the original registration page, enter the verification code from their email, and the OAuth/PKCE flow remains intact—including the authorization code. This enables seamless redirecting back into your app after verification.
If you’re creating and registering users for an application at the same time, remember to also check the app-level registration verification settings under:
FusionAuth Admin UI → Applications → Edit Application → Registration tab.
More details are in the docs: Registration Email Verification
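An added example, not part of the original thread and not FusionAuth or app code: a generic RFC 7636 sketch of the app-side redirect handler, showing why a link that points straight at the redirect URI fails (there is no `code` to pair with the stored `code_verifier`). `REDIRECT_URI`, `CLIENT_ID` and the function names are constructed placeholders.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional
from urllib.parse import parse_qs, urlsplit

REDIRECT_URI = "com.example.app://oauth/callback"  # constructed placeholder
CLIENT_ID = "example-client-id"                    # constructed placeholder

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def s256_challenge(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(code_verifier)), RFC 7636 section 4.2."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def start_login() -> dict:
    """Values the app keeps in memory while the system browser is open."""
    verifier = b64url(secrets.token_bytes(32))  # 43-character verifier
    return {"state": b64url(secrets.token_bytes(16)),
            "code_verifier": verifier,
            "code_challenge": s256_challenge(verifier),
            "code_challenge_method": "S256"}

def handle_deep_link(url: str, pending: Optional[dict]) -> dict:
    """Accept a deep link only if it completes the login that is in progress."""
    parts = urlsplit(url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        return {"ok": False, "reason": "not_redirect_uri"}
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if pending is None:
        return {"ok": False, "reason": "no_login_in_progress"}
    if "error" in query:
        return {"ok": False, "reason": "authorization_error:" + query["error"]}
    if "code" not in query:
        # A redirect URI hard-coded into an email template arrives like this.
        return {"ok": False, "reason": "missing_code"}
    got, want = query.get("state", "").encode(), pending["state"].encode()
    if not hmac.compare_digest(got, want):
        return {"ok": False, "reason": "state_mismatch"}
    # Only now can the code be exchanged, bound to this app instance by the verifier.
    return {"ok": True, "token_request": {
        "grant_type": "authorization_code",
        "client_id": CLIENT_ID,
        "code": query["code"],
        "redirect_uri": REDIRECT_URI,
        "code_verifier": pending["code_verifier"]}}
```

With the Form Field strategy the browser session that received the `code_challenge` is the same one that finishes verification, so the redirect it issues carries both `code` and `state` and passes these checks.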