diff --git a/src/server/middleware.spec.ts b/src/server/middleware.spec.ts
index bb8e380..96fdb33 100644
--- a/src/server/middleware.spec.ts
+++ b/src/server/middleware.spec.ts
@@ -6,9 +6,12 @@ const mockAuthkit = {
   saveSession: vi.fn(),
 };
 
+const mockGetConfig = vi.fn();
+
 vi.mock('./authkit-loader', () => ({
   getAuthkit: vi.fn(() => Promise.resolve(mockAuthkit)),
   validateConfig: vi.fn(() => Promise.resolve()),
+  getConfig: () => mockGetConfig(),
 }));
 
 let middlewareServerCallback: any = null;
@@ -252,6 +255,7 @@ describe('authkitMiddleware', () => {
         auth: { user: null },
         refreshedSessionData: null,
       });
+      mockGetConfig.mockResolvedValue(undefined);
 
       authkitMiddleware();
 
@@ -271,5 +275,59 @@ describe('authkitMiddleware', () => {
 
       expect(capturedContext.redirectUri).toBeUndefined();
     });
+
+    it('uses WORKOS_REDIRECT_URI from config when option not provided', async () => {
+      const envRedirectUri = 'https://env.example.com/callback';
+      mockAuthkit.withAuth.mockResolvedValue({
+        auth: { user: null },
+        refreshedSessionData: null,
+      });
+      mockGetConfig.mockResolvedValue(envRedirectUri);
+
+      authkitMiddleware();
+
+      const mockRequest = new Request('http://test.local');
+      const mockResponse = new Response('OK', { status: 200 });
+
+      let capturedContext: any = null;
+      const args = {
+        request: mockRequest,
+        next: vi.fn(async ({ context }: any) => {
+          capturedContext = context;
+          return { response: mockResponse };
+        }),
+      };
+
+      await middlewareServerCallback(args);
+
+      expect(capturedContext.redirectUri).toBe(envRedirectUri);
+    });
+
+    it('prioritizes explicit option over config', async () => {
+      const explicitRedirectUri = 'https://explicit.example.com/callback';
+      mockAuthkit.withAuth.mockResolvedValue({
+        auth: { user: null },
+        refreshedSessionData: null,
+      });
+      mockGetConfig.mockResolvedValue('https://env.example.com/callback');
+
+      authkitMiddleware({ redirectUri: explicitRedirectUri });
+
+      const mockRequest = new Request('http://test.local');
+      const mockResponse = new Response('OK', { status: 200 });
+
+      let capturedContext: any = null;
+      const args = {
+        request: mockRequest,
+        next: vi.fn(async ({ context }: any) => {
+          capturedContext = context;
+          return { response: mockResponse };
+        }),
+      };
+
+      await middlewareServerCallback(args);
+
+      expect(capturedContext.redirectUri).toBe(explicitRedirectUri);
+    });
   });
 });
diff --git a/src/server/middleware.ts b/src/server/middleware.ts
index b49ed23..a7a1090 100644
--- a/src/server/middleware.ts
+++ b/src/server/middleware.ts
@@ -1,5 +1,5 @@
 import { createMiddleware } from '@tanstack/react-start';
-import { getAuthkit, validateConfig } from './authkit-loader.js';
+import { getAuthkit, validateConfig, getConfig } from './authkit-loader.js';
 
 let configValidated = false;
 
@@ -52,7 +52,7 @@ export const authkitMiddleware = (options?: AuthKitMiddlewareOptions) => {
       context: {
         auth: () => auth,
         request: args.request,
-        redirectUri: options?.redirectUri,
+        redirectUri: options?.redirectUri ?? (await getConfig('redirectUri')),
         __setPendingHeader: (key: string, value: string) => {
           // Use append for Set-Cookie to support multiple cookies
           if (key.toLowerCase() === 'set-cookie') {