diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs
index b0b2b32204..ddd88f1e83 100644
--- a/src/Core/Constants.cs
+++ b/src/Core/Constants.cs
@@ -38,6 +38,17 @@ public static class Constants
///
public static readonly string[] BitwardenCloudDomains = ["bitwarden.com", "bitwarden.eu", "bitwarden.pw"];
+ ///
+ /// Server permitted SSO callback redirect URIs for mobile clients.
+ ///
+ public static readonly string[] BitwardenMobileSsoCallbackUris =
+ [
+ "bitwarden://sso-callback",
+ "https://bitwarden.com/sso-callback",
+ "https://bitwarden.eu/sso-callback",
+ "https://bitwarden.pw/sso-callback",
+ ];
+
///
/// Used by IdentityServer to identify our own provider.
///
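Review bot: `BitwardenMobileSsoCallbackUris` repeats the three hosts from `BitwardenCloudDomains` as literals, so a domain added to one list will no longer appear in the other. The second file in this commit assigns this array to the mobile client's `RedirectUris`, so it works as that client's redirect allow-list, and the summary should say so. I would extend the doc comment with something like `/// Assigned to the mobile client's RedirectUris. Not derived from BitwardenCloudDomains; update both when a cloud domain is added or retired.` If the decoupling is deliberate (not every cloud domain should get a callback), state that reason instead.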
diff --git a/src/Identity/IdentityServer/ApiClient.cs b/src/Identity/IdentityServer/ApiClient.cs
index df250ef410..74b3ede5f7 100644
--- a/src/Identity/IdentityServer/ApiClient.cs
+++ b/src/Identity/IdentityServer/ApiClient.cs
@@ -83,9 +83,7 @@ public class ApiClient : Client
}
else if (id == "mobile")
{
- RedirectUris = new[] { "bitwarden://sso-callback" }
- .Concat(Constants.BitwardenCloudDomains.Select(d => $"https://{d}/sso-callback"))
- .ToArray();
+ RedirectUris = Constants.BitwardenMobileSsoCallbackUris;
PostLogoutRedirectUris = new[] { "bitwarden://logged-out" };
}
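Review bot: `RedirectUris = Constants.BitwardenMobileSsoCallbackUris;` gives every mobile `ApiClient` the same static array instance, whereas the removed code built a fresh array per client with `.ToArray()`. `static readonly` protects only the reference, not the elements. Any code that writes to an element through a client's `RedirectUris` or through the constant would therefore change the SSO redirect allow-list for every client in the process. Copying at assignment keeps the constant isolated, e.g. `RedirectUris = Constants.BitwardenMobileSsoCallbackUris.ToArray();`. The enclosing block starts and ends outside the hunk, so whether anything mutates `RedirectUris` later cannot be seen from here.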