diff --git a/src/nginxconfig.ejs b/src/nginxconfig.ejs
index 936bd71ff..b6f0bca49 100644
--- a/src/nginxconfig.ejs
+++ b/src/nginxconfig.ejs
@@ -388,7 +388,7 @@ server {
             return 401;
         }
 
-        return 302 "/login";
+        return 302 /login?redirect=$request_uri;
     }
 
     location / {
diff --git a/src/proxyauth.js b/src/proxyauth.js
index 69300f63e..05a63a0b5 100644
--- a/src/proxyauth.js
+++ b/src/proxyauth.js
@@ -130,6 +130,14 @@ async function login(req, res, next) {
         footer: marked.parse(await branding.renderFooter())
     };
 
+    if (req.query.redirect) {
+        res.cookie('cloudronProxyAuthRedirect', req.query.redirect, {
+            httpOnly: true,
+            maxAge: constants.DEFAULT_TOKEN_EXPIRATION_MSECS,
+            secure: true
+        });
+    }
+
     const translationAssets = await translation.getTranslations();
     const template = fs.readFileSync(__dirname + '/oidc_templates/proxyauth_login.ejs', 'utf-8');
     const html = ejs.render(translation.translate(template, translationAssets.translations || {}, translationAssets.fallback || {}), options);
@@ -167,7 +175,11 @@ async function authorize(req, res, next) {
         secure: true
     });
 
-    res.redirect(302, '/');
+    const redirect = req.cookies.cloudronProxyAuthRedirect || '/';
+    res.clearCookie('cloudronProxyAuthRedirect');
+
+    res.redirect(302, redirect);
+
 }
 
 async function logout(req, res, next) {