Variable ClientRedirectionPolicyEnumConst

Controls whether Auth0 redirects users to the application's callback URL on authentication errors or in email verification flows. open_redirect_protection shows an error page instead of redirecting, and hides the callback domain from email templates. allow_always enables standard redirect behavior. Defaults to open_redirect_protection for third-party clients. Only applies when is_first_party is false and third_party_security_mode is strict. To learn more, read Redirect protection.