The two special redirect-uris you refer to are for installed applications (for example a
CLI interface or a desktop app). In #1 you're asking about bundling with your web app,
so you shouldn't be using these.
Instead you should use whatever URL you use to access your application. For example if
your application is:
You can also use a wild-card if you want to allow any page on a certain
domain/context-path, for example:
From: "Vivek Srivastav (vivsriva)"
Sent: Monday, 28 July, 2014 1:54:58 PM
Subject: [keycloak-user] Clarification on redirect uri configuration on the KeyCloak
I am trying to understand the redirect uri configuration on the KeyCloak
As per the document:
there are two special special redirect uri for application. I have few
questions about the http://localhost
1. When I configure my application with the http://localhost
confidential access_type, am I supposed to provide a callback
implementation or is is handled by keyclock client libraries that I
bundle with my web app?
2. Am I supposed to provide a “port” along with the redirect uri? I.e.
? It seems like with either configuration gives me
“WE’RE SORRY”, “Invalid redirect_uri”.
3. When running KeyCloak and my client application on separate servers,
will the http://localhost
redirect uri automatically supposed to be
replaced with the correct IP address/hostname of the Resource Server
provides, I.e. my application?
I understand that this redirect_uri has been made a mandatory field in recent
release of KeyCloak and I could not find information related to its
configuration in the “Base Part 1” tutorial video.
Any pointers about how to configure this redirect uri for “confidential”
access_type would be very helpful.
keycloak-user mailing list