<div dir="ltr">Per <a rel="12650576" id="gmail-key-val" href="https://issues.jboss.org/browse/KEYCLOAK-3585" class="gmail-issue-link">KEYCLOAK-3585:</a><p>Currently, valid redirect URI hostnames allow for wildcards at the end like so:</p>
<p>
</p><div id="gmail-syntaxplugin" class="gmail-syntaxplugin" style="border-width:1px;border-style:dashed;border-color:rgb(187,187,187);border-radius:5px;overflow:auto;max-height:30em">
<table style="font-size:1em;line-height:1.4em;font-weight:normal;font-style:normal;color:black" width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr id="gmail-syntaxplugin_code_and_gutter">
<td style="line-height:1.4em;padding:0em;vertical-align:top">
<pre style="font-size:1em;margin:10px;width:auto;padding:0px"><span style="color:black;font-family:"consolas","bitstream vera sans mono","courier new",courier,monospace"><a href="http://www.redhat.com/*">http://www.redhat.com/*</a>
</span></pre>
</td>
</tr>
</tbody>
</table>
</div>
<p>
</p><p>I'm managing several environments where clients need 'n' number of available redirect URI's with different hostnames, I.E.</p>
<p>
</p><div id="gmail-syntaxplugin" class="gmail-syntaxplugin" style="border-width:1px;border-style:dashed;border-color:rgb(187,187,187);border-radius:5px;overflow:auto;max-height:30em">
<table style="font-size:1em;line-height:1.4em;font-weight:normal;font-style:normal;color:black" width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr id="gmail-syntaxplugin_code_and_gutter">
<td style="line-height:1.4em;padding:0em;vertical-align:top">
<pre style="font-size:1em;margin:10px 10px 0px;width:auto;padding:0px"><span style="color:black;font-family:"consolas","bitstream vera sans mono","courier new",courier,monospace"><a href="http://developer1.env.redhat.com">http://developer1.env.redhat.com</a></span></pre>
</td>
</tr>
<tr id="gmail-syntaxplugin_code_and_gutter">
<td style="line-height:1.4em;padding:0em;vertical-align:top">
<pre style="font-size:1em;margin:0px 10px;width:auto;padding:0px"><span style="color:black;font-family:"consolas","bitstream vera sans mono","courier new",courier,monospace"><a href="http://developer2.env.redhat.com">http://developer2.env.redhat.com</a></span></pre>
</td>
</tr>
<tr id="gmail-syntaxplugin_code_and_gutter">
<td style="line-height:1.4em;padding:0em;vertical-align:top">
<pre style="font-size:1em;margin:0px 10px 10px;width:auto;padding:0px"><span style="color:black;font-family:"consolas","bitstream vera sans mono","courier new",courier,monospace"><a href="http://developer3.env.redhat.com">http://developer3.env.redhat.com</a>
</span></pre>
</td>
</tr>
</tbody>
</table>
</div>
<p>
</p><p>Would really help to have the ability to wildcard hostnames too, I.E.:</p>
<p>
</p>
<pre style="font-size:1em;margin:10px;width:auto;padding:0px"><span style="color:black;font-family:"consolas","bitstream vera sans mono","courier new",courier,monospace">http://*.<a href="http://env.redhat.com">env.redhat.com</a>
</span></pre><br><div>I've submitted <a href="https://github.com/keycloak/keycloak/pull/3241">#3241</a> to address this issue, but there seem to be some concerns about allowing wildcards in other parts of the URL. See the PR for a more fleshed out discussion, but wanted to start a thread here on the mailing list. Particularly with respect to:<br><ul><li>Does anyone have need of this feature or would find it useful?</li><li>Should this kind of wildcard be allowed as a configuration option by Keycloak?<br></li></ul></div><div><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><span><div><div>Josh Cain | Software Applications Engineer<br></div><i>Identity and Access Management</i><br></div><b>Red Hat</b><br>+1 256-452-0150<br></span></div></div></div></div></div>
</div></div>