Connected Apps are the connection point between LoginRocket (and authrocket.js) and your app(s). In a sense, they could have been called Login Pages, although they do encompass logins, signups, and all the rest of LoginRocket functionality.
Each connected app has a
*.loginrocket.com domain and may also have a custom domain (eg:
If you have multiple apps, they can be connected to LoginRocket using a single connected app or using several, depending on whether you want SSO-type functionality and how you want it to work for your users.
If you want multiple apps to work together at login, including the possibility of Seamless SSO, then you’ll want to use only a single connected app.
On the other hand, if you want each app to have an independent login experience, with separate domains and separate visual design (eg: a logo for each for respective app), then use multiple connected apps.
If you’re not sure, don’t hesitate to reach out to us and we’ll help you achieve the exact experience you’re after.
Title of a specific connected app. By default, it is used as the title or header within LoginRocket.
The subdomain portion of this app’s
*.loginrocket.com URL. If left blank, will auto-generate. An auto-generated subdomain can later be changed to something more meaningful.
This is the URL of a page/endpoint within your app that will receive the final login token after a user has logged in. It will need to validate the token and then complete the login for your app (often by setting a session variable). Alternatively, it might just set a cookie with the entire login token, letting each page/endpoint in your app validate it in the future as needed.
Note that even signups that result in a completed login (which is everything except a Signup mode of Create Signup Token) will use the Login token handler.
If (and only if) you are using Signup Tokens, then signup tokens will be handed off to this URL instead of the Login token handler URL. If this is blank, all tokens will be sent to the Login token handler anyway.
By default, logins and signups are redirected to the Login token handler at the end of the login/signup process. (Or the Signup token handler, in case of Signup Tokens.)
However, it’s possible to choose a different action on a user-by-user basis, using the
redirect_uri= query parameter to LoginRocket. This is how Seamless SSO works, but it’s also usable in other cases.
To ensure that the user is only ever redirected back to a URL for one of your apps, list those URLs here. If no URLs are listed,
redirect_uri functionality is disabled and all logins and signups will be sent to a token handler URL.
See Redirect Handling for more.
One or more custom domains can be added to your connected app. Each custom domain should have its DNS configured as a CNAME back to your
By default each custom domain will automatically redirect to the
*.loginrocket.com URL using HTTPS.
We do offer the option to add an SSL/TLS certificate to your account, which then makes it possible to select one custom domain (per connected app) as the primary domain instead of the
*.loginrocket.com domain. The cost is $20/month per added certificate. Wildcards and SAN certs are allowed if you want to use one cert for multiple apps. Contact us to get this added to your account.
To customize the LoginRocket pages for this app, you can point to an external CSS file, which will be added to the page after our default CSS, making it easy to override any of the various CSS elements. Using external asset references in the CSS, it also becomes very easy to add logos or other graphic elements to the page.
You may also inject raw HTML onto the top of each LoginRocket page. This is quite useful for adding logos, navigation bars, or various other things to your login page, helping integrate it into the rest of your app.
Just like Header HTML above, it’s also possible to inject raw HTML onto the bottom of the page. This is great for footers, bottom navigation, and more.