diff --git a/framework/auth/views.py b/framework/auth/views.py index 0338654fac3..90904fa0c16 100644 --- a/framework/auth/views.py +++ b/framework/auth/views.py @@ -1207,6 +1207,10 @@ def validate_next_url(next_url): :return: True if valid, False otherwise """ + # allow redirection to angular locally + if settings.LOCAL_ANGULAR_URL in next_url and settings.DEBUG_MODE: + return True + # disable external domain using `//`: the browser allows `//` as a shortcut for non-protocol specific requests # like http:// or https:// depending on the use of SSL on the page already. if next_url.startswith('//'): diff --git a/tests/test_auth_views.py b/tests/test_auth_views.py index 8e8cc5fafb1..aa248ccdaaf 100644 --- a/tests/test_auth_views.py +++ b/tests/test_auth_views.py @@ -584,6 +584,17 @@ def test_next_url_login_with_auth(self): assert data.get('status_code') == http_status.HTTP_302_FOUND assert data.get('next_url') == self.next_url + def test_next_url_angular_login_with_auth(self): + data = login_and_register_handler(self.auth, next_url=settings.LOCAL_ANGULAR_URL) + assert data.get('status_code') == http_status.HTTP_302_FOUND + assert data.get('next_url') == settings.LOCAL_ANGULAR_URL + + def test_next_url_angular_login_without_auth(self): + request.url = web_url_for('auth_login', next=settings.LOCAL_ANGULAR_URL, _absolute=True) + data = login_and_register_handler(self.no_auth, next_url=settings.LOCAL_ANGULAR_URL) + assert data.get('status_code') == http_status.HTTP_302_FOUND + assert data.get('next_url') == cas.get_login_url(request.url) + def test_next_url_login_without_auth(self): # login: user without auth request.url = web_url_for('auth_login', next=self.next_url, _absolute=True) diff --git a/website/settings/defaults.py b/website/settings/defaults.py index d09e583c181..40ecad5f0c2 100644 --- a/website/settings/defaults.py +++ b/website/settings/defaults.py 
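Review bot: The new early return in `validate_next_url` uses a substring test, `settings.LOCAL_ANGULAR_URL in next_url`, and sits above every other check. With `DEBUG_MODE` on, any URL that merely contains `localhost:4200` (in a path, a query string, or as the start of a longer host name) is therefore accepted, including the `//` form that the following check exists to reject. Compare the parsed host exactly and test the flag first, e.g. `if settings.DEBUG_MODE and urlsplit(next_url).netloc == settings.LOCAL_ANGULAR_URL:`; this assumes `urlsplit` is or can be imported in this module, which the hunk does not show. The comment should also say that this branch bypasses validation for development only and must stay gated on `DEBUG_MODE`, e.g. `# dev only: skip validation for the local Angular server; never enable outside DEBUG_MODE`. The rest of the function body lies outside the hunk.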
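Review bot: Both new tests cover only the accepting path and depend on whatever value `settings.DEBUG_MODE` has in the test environment. Nothing pins the two behaviours that matter for safety: that the bypass is off when `DEBUG_MODE` is false, and that a URL which merely contains the Angular host string is rejected. Add a case that sets the flag explicitly, for example under `mock.patch.object(settings, 'DEBUG_MODE', False)` (assuming `mock` is available in this test module), and asserts that the Angular URL is not returned as `next_url`. Add another case for a foreign host carrying the string in its path or query. The tests also pass the bare `localhost:4200` with no scheme, which is presumably not what a client sends, so a full URL would exercise the check more realistically. The enclosing test class starts and ends outside the hunk.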
@@ -90,6 +90,7 @@ def parent_dir(path): INTERNAL_DOMAIN = DOMAIN API_DOMAIN = PROTOCOL + 'localhost:8000/' RESET_PASSWORD_URL = PROTOCOL + 'localhost:5000/resetpassword/' # TODO set angular reset password url +LOCAL_ANGULAR_URL = 'localhost:4200' PREPRINT_PROVIDER_DOMAINS = { 'enabled': False,
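Review bot: `LOCAL_ANGULAR_URL` is named as a URL but holds a bare `host:port`, unlike the neighbouring `API_DOMAIN` and `RESET_PASSWORD_URL`, which are built from `PROTOCOL`. Nothing here says that the value feeds redirect validation in `framework/auth/views.py`. I would add a comment above it such as `# host:port of the local Angular dev server; honoured by validate_next_url only when DEBUG_MODE is on`, so a later edit does not widen it to a shorter or more general string. If the value is meant to be compared against a parsed host, keeping it as `host:port` is fine, but a name like `LOCAL_ANGULAR_HOST` would then describe it better.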