Identityserver4: [Question] Invalid redirect_uri / unauthorized_client
Hi guys,
I am running into a configuration problem and I am not sure how to solve it.
Currently running an IdentityServer4 instance on Azure. Developing a MVC Client Application Locally on my Dev Machine using Docker. I want to authenticate via the IdentityServer4 on Azure. I keep running into the same error.
2017-06-01 14:12:35.680 +00:00 [Error] Invalid redirect_uri: http://localhost/signin-oidc
"{
\"ClientId\": \"web\",
\"ClientName\": \"Web client\",
\"RedirectUri\": \"http://localhost/signin-oidc\",
\"AllowedRedirectUris\": [
\"http://localhost//signin-oidc\"
],
\"SubjectId\": \"anonymous\",
\"RequestedScopes\": \"\",
\"Raw\": {
\"client_id\": \"web\",
\"redirect_uri\": \"http://localhost/signin-oidc\",
\"response_type\": \"code id_token\",
\"scope\": \"openid profile offline_access guests\",
\"response_mode\": \"form_post\",
\"nonce\": \"636319231539529100.NTBlNWM1YmEtZmFjZC00MGUxLTlhMDYtMTcwZjFjNzNmYTA5M2M2Y2IzZDQtNzkyMS00MmQ4LWFhZjgtZjZmZWRmYzNkOTU3\",
\"state\": \"CfDJ8KrXZeLkZ8lKm4Wu87ozsIwdVsir21lqZhZhMjnICxuNdw6et6v-xieQrwFw-vYLJONmkg6z2pbpojrdLI-M_85zfSlnvtEPHwOVUv5jVJwilnRICKe9mYFrBv8OHR2-VD8TMafn_X85qjaOK-3tLthTvY_aPsFZN6rLedZWhE31Y75k6PeyjPw4Au2Ga4qxfbngJEzA7Buqe8QE_FQKck8707XfD11KnroPIHq_qwZwBO7UltTHy2o0cRk5HUTBE2FCTY42BfjDQZttanzQ6kzLOqoeuK7iF8O5dw5XkaE2j5lUVygQ3dcqAu5tRXOLctspED8viRBL9s1ifDs2R_s\",
\"x-client-SKU\": \"ID_NET\",
\"x-client-ver\": \"2.1.3.0\"
}
}"
In my client application I set the Callback Uri to http://localhost/ and in my IdentityServer I registered the client with http://localhost/.
Not sure if this is even possible or if I am going completly wrong here...
Thanks for any hint :-)
Franklin89
All 11 comments
Your AllowedRedirectUris is set to http://localhost//signin-oidc your provided one is
http://localhost/signin-oidc - I believe they must match _exactly_. This may be your issue!
Mardoxx
on 1 Jun 2017
@Mardoxx You are correct. The default redirect URL validator does a case insensitive compare on the full URL.
chrisowhite
on 2 Jun 2017
This is totally embarrassing.
I was looking at the log message for hours and did not see that :-1:
@Mardoxx Thanks for pointing it to me...got it working again...
Franklin89
on 2 Jun 2017
Hi good day!
I have a problem similar to @Franklin89, I developed my IdentityServer using the netcoreapp1.1 framework, IdentityServer4 version 1.52, with a console client the connection works fine, but with an MVC client netcoreapp2.0, within the records shows me:
error: IdentityServer4.Validation.AuthorizeRequestValidator [0]
Redirect_uri inv谩lido: http://localhost:5001/signin-oidc
--code omitted--
error: IdentityServer4.Endpoints.AuthorizeEndpoint [0]
Request validation error
I did the steps that are in https://identityserver4.readthedocs.io/en/release/quickstarts/5_hybrid_and_api_access.html but I still have the same problem, for the client that I am working in the https://github.com/ IdentityServer repository /IdentityServer4.Samples/tree/release/Clients/src/MvcHybrid for an asp.net core 2 application without success, something that stands out is that the AllowedRedirectUris parameter is empty.
fail: IdentityServer4.Validation.AuthorizeRequestValidator[0]
Invalid redirect_uri: http://localhost:5001/signin-oidc
{
"ClientId": "client-hugo",
"RedirectUri": "http://localhost:5001/signin-oidc",
"AllowedRedirectUris": [],
"SubjectId": "anonymous",
"RequestedScopes": "",
"Raw": {
"client_id": "client-hugo",
"redirect_uri": "http://localhost:5001/signin-oidc",
"response_type": "code id_token",
"scope": "openid profile email api-alumnos offline_access",
"response_mode": "form_post",
"nonce": "636412201009966900.ZDNmYjdmZWMtNWNlMS00ZDQyLWIxMjMtNWIzYTM4M2FhZmRhMmMxZGE2ZDUtM2M0MS00ZThiLTk4M2ItNDk2NGQ5YmZlODFj",
"state": "CfDJ8J0brcCMivFPtUfbYRpOjISliA92IArZsJS1dmagQ9jYdvpmVj2ABROstPNhJyCWx8q4SntL6PXRubMgGqeUfdqWF0mNRAYifGy8OuEPZSQT295vWVfyN5gGhuvB6jQ043D14yUPLwkhS29IYfMoiliLQGatygTVnGMVJ7Bo-aV7FJcpHit-9b3RHRyaHiE0tToZdP8NxJInJ4vthIlXw1rgLjOmSqPxeN9KDfLgWrpki7XoBLkmV2K7px_GWp0ebaitkxnXTzDPg82M-nRJWfYLAXJ1nGvoZLD3GIXqFV22hDm0wmygbmRaMKezwZmHY12qr2pwa1N22aifJTZFzPY",
"x-client-SKU": "ID_NET",
"x-client-ver": "2.1.4.0"
}
}
fail: IdentityServer4.Endpoints.AuthorizeEndpoint[0]
Request validation failed
What do you recommend me to do?
hugorojas1121
on 17 Sep 2017
Hello @hugorojas1121 did you fixed this error?
renatoeufe
on 25 Sep 2017
how to solve this?
oottoohh
on 1 Mar 2018
I am getting this error also? fail: IdentityServer4.Validation.AuthorizeRequestValidator[0] Invalid redirect_uri:
prisar
on 19 Apr 2018
HI
I have similar issue, in my CONGIF file I changed the client "RedirectUris = { "http://webadmin.myrserver.net/signin-oidc" }" the address from the hosting server (IIS) and when I try to connect the clients my error log shows " \"redirect_uri\": \"http://localhost:5100/signin-oidc\"," (my development address) , does anyone know how to solve this issue?
Regards.
wgutierrezr
on 24 Jul 2018
I was dealing with a similar issue... I was thinking that I couldn't use as RedirectUris the root of my SPA, for instance, http://www.mysite.com/, in the end I fixed it by delete the bin and obj folder from my project, then rebuild everything, this way it recognized my root as a valid redirect URI.
flauberjp
on 15 Aug 2018
I had similar issue. Turns out there were 2 slashes in RedirectUri for client (just before signin-oidc). Modified to single slash and it worked.
RedirectUris =
{
"http://localhost:53846//signin-oidc"
},
dharmeshtailor
on 21 Sep 2018
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
![lock[bot] picture](https://avatars1.githubusercontent.com/in/6672?v=4&s=40)
lock[bot]
on 13 Jan 2020
Related issues
createroftheearth
路
3Comments
wangkanai
路
3Comments
eshorgan
路
3Comments
leastprivilege
路
3Comments
Aravind1729
路
3Comments
Most helpful comment
This is totally embarrassing.
I was looking at the log message for hours and did not see that :-1:
@Mardoxx Thanks for pointing it to me...got it working again...