Hello guys, Moving cookbook demo AeroGear iOS sdk to Keycloak 1.9.x I noticed that the redirect_uri validation has changes . I used to have "org.aerogear.Shoot://oauth2Callback" for a redirect_uri. In iOS land we used custom schema [1], as a best practice very often the first part of it is defined using the iOS bundle id (Apple unique id) which most of the time contains a mix of upper/lower case letters. When discussing the subject on irc with @Marek, it seems there might be an issue in RedirectUtils.lowerCaseHostname in https://github.com/keycloak/keycloak/blob/master/services/src/main/java/o... I converted this url to : "org.aerogear.shoot://oauth2Callback" and it works better [2] and did change locally the bundle id of the iOs app. But in KC 1.4.x I was able to use upper case in redirect_uri and for an iOS point of view, it was much more convenient. What is the reasoning behind redirect_uri? Should we use http(s) as the only protocol? Thanks for your feedback. ++ Corinne [1] http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-cu... [2] https://github.com/aerogear/aerogear-backend-cookbook/pull/30/files _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev