dashy icon indicating copy to clipboard operation
dashy copied to clipboard

Published 20 hours ago verified publisher icon Lissy93

[QUESTION] Keycloak valid redirect_url

Open vfricou opened this issue 3 years ago • 7 comments

Question

Hello,

I use Keycloak v19, and when I configure Client, I only set such as documented :

  • Valid redirect url : https://dashy.domain.tld
  • Web origins : https://dashy.domain.tld

But I take a keycloak error Invalid parameter: redirect_uri

I’ve try to set Valid redirect url to https://dashy.domain.tld* or https://dashy.domain.tld/, authentication correctly work, but it’s impossible to logout from dashy with error Invalid parameter: redirect_url

Which link is correct to setup Keycloak ? I’ve search into docs and issues and I’ve not found any answers.

Thanks for your product in any cases.

Category

Authentication

Please tick the boxes

vfricou avatar Aug 18 '22 09:08 vfricou

If you're enjoying Dashy, consider dropping us a ⭐
🤖 I'm a bot, and this message was automated

liss-bot avatar Aug 18 '22 09:08 liss-bot

Where's the error happening, KC side or Dashy side? Is this in the browser console? The redirect URL of https://dashy.domain.tld should be correct. But maybe there's a bug on Dashy's side.I'll look into it when I get a moment.

In the meantim, not sure if it's any help, but have you seen Troubleshooting --> Keycloak Redirect? And some similar issues: #479, #409, #507, #491, #341, #520

Lissy93 avatar Aug 18 '22 09:08 Lissy93

Thanks for reply,

This is a KC side that indicate invalid redirect URL.

I’ve try to setup CORS without success. I’ve read too all of similar issues, but any correction possible found in it.

vfricou avatar Aug 18 '22 11:08 vfricou

Hi @vfricou, I ran into the same issue at my end. Not a big deal for me but if you happen to find a solution I'd appreciate if you could update the thread here.

Thanks

zell-mbc avatar Aug 31 '22 09:08 zell-mbc

Apparently redirect_uri has been deprecated in keycloak since version 18
This can be worked around on the keycloak side using:
bin/kc.[sh|bat] --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true start

I tried this on keycloak 19.0.1 and it works

However - this switch is intended to be removed in some future keycloak version, so at some point a client fix will be needed.
see https://www.keycloak.org/2022/04/keycloak-1800-released

Keycloak is an open source identity and access management solution

juliannoble avatar Sep 07 '22 03:09 juliannoble

Effectively, @juliannoble starting keycloak with this option permit to fix logout issue.

Thanks for workaround.

vfricou avatar Sep 08 '22 14:09 vfricou

That worked for me as well, thanks for sharing @juliannoble

zell-mbc avatar Sep 08 '22 16:09 zell-mbc

This issue has gone 6 weeks without an update. To keep the ticket open, please indicate that it is still relevant in a comment below. Otherwise it will be closed in 5 working days.

liss-bot avatar Oct 10 '22 01:10 liss-bot

This issue was automatically closed because it has been stalled for over 6 weeks with no activity.

liss-bot avatar Oct 15 '22 01:10 liss-bot