When I try to hit my API to authenticate a user from Keycloak, it gives me the error "Invalid parameter: redirect_uri" on the Keycloak page. I have created my own realm.
Your redirect URI in your code (keycloak.init) should be the same as the redirect URI set on the Keycloak server (client -> Valid URI).
If you're seeing this problem after you've made a modification to the Keycloak context path, you'll need to make an additional change to a redirect URL setting:

1. Change <web-context>yourchange/auth</web-context> back to <web-context>auth</web-context> in standalone.xml.
2. Restart Keycloak and navigate to the login page (which is now /auth/admin).
3. Change the redirect URL setting from /auth/admin/master/console/* to /yourchange/auth/admin/master/console/*.
4. Change <web-context>auth</web-context> back to <web-context>yourchange/auth</web-context> in standalone.xml.
5. Restart Keycloak and navigate to the login page (which is now /yourchange/auth/admin).

If you are using the Authorization Code Flow then the response_type query param must be equal to code. See https://www.keycloak.org/docs/3.3/server_admin/topics/sso-protocols/oidc.html
If you're trying to redirect to the Keycloak login page after logout (as I was), that is not allowed by default but also needs to be configured in the "Valid Redirect URIs" setting in the admin console of your client.
You need to check the Keycloak admin console for the frontend configuration. It must be wrongly configured for redirect URL and web origins.
Check that the value of the redirect_uri parameter is whitelisted for the client that you are using. You can manage the configuration of the client via the admin console.

The redirect URI should match exactly one of the whitelisted redirect URIs, or you can use a wildcard at the end of the URI you want to whitelist. See: https://www.keycloak.org/docs/latest/server_admin/#_clients

Note that using wildcards to whitelist redirect URIs is allowed by Keycloak, but is actually a violation of the OpenID Connect specification. See the discussion on this at https://lists.jboss.org/pipermail/keycloak-dev/2018-December/011440.html
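The two server-side checks discussed in the answers above (response_type must be code for the Authorization Code Flow, and redirect_uri must match a whitelisted entry exactly or via a trailing wildcard) can be modelled in a few lines. The following is an added example, not code from the question, any answer, or the Keycloak project; the hostnames, realm, client id and whitelist entries are constructed sample values, and the matching logic is a simplified approximation of Keycloak's behaviour as the answers describe it, not its actual source.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit

# Constructed sample configuration (assumptions, not values from the question).
KEYCLOAK_BASE = "https://sso.example.com/auth"
REALM = "myrealm"
CLIENT_ID = "frontend"
# "Valid Redirect URIs" as configured on the client in the admin console:
# one exact entry and one trailing-wildcard entry.
VALID_REDIRECT_URIS = [
    "https://app.example.com/callback",
    "https://staging.example.com/*",
]


def build_auth_code_request(redirect_uri, state, scope="openid"):
    """Build the Authorization Code Flow request to the realm's auth endpoint.

    response_type is fixed to 'code'; the adapter (keycloak.init) must send the
    exact redirect_uri that is whitelisted on the client.
    """
    params = {
        "client_id": CLIENT_ID,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": scope,
        "state": state,
    }
    return (
        f"{KEYCLOAK_BASE}/realms/{REALM}/protocol/openid-connect/auth"
        f"?{urlencode(params)}"
    )


def redirect_uri_allowed(redirect_uri, valid_uris):
    """Simplified model (an assumption, not Keycloak's source) of the whitelist
    check: an entry matches exactly, or, when it ends in '*', as a prefix.
    Anything else, including a different scheme or an extra trailing slash,
    is rejected. Note how broad a wildcard entry is: every path under the
    prefix is accepted, which is why the spec calls for exact matching.
    """
    for allowed in valid_uris:
        if allowed.endswith("*"):
            if redirect_uri.startswith(allowed[:-1]):
                return True
        elif redirect_uri == allowed:
            return True
    return False


def check_request(auth_url, valid_uris):
    """Validate an authorization request the way the server would.

    Returns None when the request is acceptable, otherwise an error string.
    The redirect_uri message mirrors the one in the question; the
    response_type one is illustrative.
    """
    query = dict(parse_qsl(urlsplit(auth_url).query))
    if query.get("response_type") != "code":
        return "Invalid parameter: response_type"
    if not redirect_uri_allowed(query.get("redirect_uri", ""), valid_uris):
        return "Invalid parameter: redirect_uri"
    return None


if __name__ == "__main__":
    # Constructed redirect URIs: exact match, trailing slash, wrong scheme,
    # and a path only accepted because of the wildcard entry.
    for uri in (
        "https://app.example.com/callback",
        "https://app.example.com/callback/",
        "http://app.example.com/callback",
        "https://staging.example.com/any/path",
    ):
        url = build_auth_code_request(uri, state="constructed-state")
        print(f"{uri} -> {check_request(url, VALID_REDIRECT_URIS) or 'ok'}")
```

Running it shows that a trailing slash or a scheme change is enough to trigger the error from the question, while the wildcard entry accepts any path under https://staging.example.com/, which is the trade-off the last answer warns about.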