I am trying to understand the redirect uri configuration on the KeyCloak admin console. 

As per the document:

there are two special special redirect uri for application. I have few questions about the http://localhost 
  1. When I configure my application with the http://localhost and confidential access_type, am I supposed to provide a callback implementation or is is handled by keyclock client libraries that I bundle with my web app?
  2. Am I supposed to provide a “port” along with the redirect uri? I.e. http://localhost:8989? It seems like with either configuration gives me “WE’RE SORRY”, “Invalid redirect_uri”.
  3. When running KeyCloak and my client application on separate servers, will the http://localhost redirect uri automatically supposed to be replaced with the correct IP address/hostname of the Resource Server provides, I.e. my application?
I understand that this redirect_uri has been made a mandatory field in recent release of KeyCloak and I could not find information related to its configuration in the “Base Part 1” tutorial video. 

Any pointers about how to configure this redirect uri for “confidential” access_type would be very helpful.

Kind Regards,