[keycloak-user] Clarification on redirect uri configuration on the KeyCloak admin console
Vivek Srivastav (vivsriva)
vivsriva at cisco.com
Mon Jul 28 09:50:51 EDT 2014
Bill,
Thanks. That fixed it.
Regards,
Vivek
On 7/28/14, 9:40 AM, "Bill Burke" <bburke at redhat.com> wrote:
>Do
>
>redirect uri: http://localhost:8080/customer-portal/*
>
>Notice the "/*". Redirect is either a wildcard or specific/exact URL.
>
>
>On 7/28/2014 9:35 AM, Vivek Srivastav (vivsriva) wrote:
>> Thanks for clarifications. I tried using the following configuration
>>with
>> customer-portal and product-portal:
>>
>> Name: customer-portal
>> Access Type: confidential
>> Redirect URI: http://localhost:8080/customer-portal
>> Base URL:
>> Admin URL: http://localhost:8080/customer-portal/admin
>>
>> But I keep getting ³WE¹RE SORRY², ³Invalid redirect_uri² error
>>
>> Regards,
>> Vivek
>>
>>
>>
>>
>> On 7/28/14, 9:10 AM, "Stian Thorgersen" <stian at redhat.com> wrote:
>>
>>> The two special redirect-uris you refer to are for installed
>>>applications
>>> (for example a CLI interface or a desktop app). In #1 you're asking
>>>about
>>> bundling with your web app, so you shouldn't be using these.
>>>
>>> Instead you should use whatever URL you use to access your application.
>>> For example if your application is:
>>>
>>> http://www.mydomain.com/myapp/secure.html
>>>
>>> Then your redirect-uri should be:
>>>
>>> http://www.mydomain.com/myapp/secure.html
>>>
>>> You can also use a wild-card if you want to allow any page on a certain
>>> domain/context-path, for example:
>>>
>>> http://www.mydomain.com/myapp/*
>>>
>>> ----- Original Message -----
>>>> From: "Vivek Srivastav (vivsriva)" <vivsriva at cisco.com>
>>>> To: keycloak-user at lists.jboss.org
>>>> Sent: Monday, 28 July, 2014 1:54:58 PM
>>>> Subject: [keycloak-user] Clarification on redirect uri configuration
>>>>on
>>>> the KeyCloak admin console
>>>>
>>>> I am trying to understand the redirect uri configuration on the
>>>>KeyCloak
>>>> admin console.
>>>>
>>>> As per the document:
>>>>
>>>>
>>>>http://docs.jboss.org/keycloak/docs/1.0-beta-3/userguide/html_single/#i
>>>>ns
>>>> talled-applications
>>>>
>>>> there are two special special redirect uri for application. I have few
>>>> questions about the http://localhost
>>>>
>>>>
>>>> 1. When I configure my application with the http://localhost and
>>>> confidential access_type, am I supposed to provide a callback
>>>> implementation or is is handled by keyclock client libraries
>>>>that I
>>>> bundle with my web app?
>>>> 2. Am I supposed to provide a ³port² along with the redirect uri?
>>>> I.e.
>>>> http://localhost:8989 ? It seems like with either configuration
>>>> gives me
>>>> ³WE¹RE SORRY², ³Invalid redirect_uri².
>>>> 3. When running KeyCloak and my client application on separate
>>>> servers,
>>>> will the http://localhost redirect uri automatically supposed to
>>>>be
>>>> replaced with the correct IP address/hostname of the Resource
>>>>Server
>>>> provides, I.e. my application?
>>>> I understand that this redirect_uri has been made a mandatory field in
>>>> recent
>>>> release of KeyCloak and I could not find information related to its
>>>> configuration in the ³Base Part 1² tutorial video.
>>>>
>>>> Any pointers about how to configure this redirect uri for
>>>>³confidential²
>>>> access_type would be very helpful.
>>>>
>>>> Kind Regards,
>>>> Vivek
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> keycloak-user mailing list
>>>> keycloak-user at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>>
>>
>> _______________________________________________
>> keycloak-user mailing list
>> keycloak-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-user
>>
>
>--
>Bill Burke
>JBoss, a division of Red Hat
>http://bill.burkecentral.com
>_______________________________________________
>keycloak-user mailing list
>keycloak-user at lists.jboss.org
>https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list