# Authorized return URLs

One of required inputs for your Google or Azure OAuth app registration is the authorized redirect or return URIs. Here is an example from a Google developer console:

<div data-full-width="true"><figure><img src="https://s3.amazonaws.com/helpscout.net/docs/assets/5dd72e4d2c7d3a7e9ae44753/images/5f3724c32c7d3a352e90dcb5/file-m2K6SjbM0Z.jpg" alt=""><figcaption></figcaption></figure></div>

For Aurinko to be able to initiate and complete your app's authorization flow an Aurinko hosted url has to be specified in your Google or Azure AD app registration. Office 365 /  Azure AD users could simply use <mark style="color:red;">`https://api.aurinko.io/v1/auth/callback`</mark> but Google would not allow urls from unverified domains and you can't verify aurinko.io domain as you don't own it. Office 365 user may also want to use an url from  domain they own as in certain scenarios that domain is shown in the app's consent window.\ <br>

Callback configuration:

Provision your own URL and make your server redirect all callback requests to Aurinko at <mark style="color:red;">`https://api.aurinko.io/v1/auth/callback`</mark>. It's important to clone all query parameters in a redirect, like `code`, `state`, `error`, ...\
When choosing this approach you also need to tell Aurinko your own return URL, which is done on the app settings page, in the Google OAuth or Office 365 OAuth sections.