The error message indicates that the redirect_uri in the authorization
request doesn't match the value in the token request. From what you've
pasted it looks correct, but you should double check that the values are
indeed the same. Maybe some double encoding issue?
On Fri, 23 Aug 2019 at 20:36, Julián D. Zorzenón <comm.ass(a)gmail.com> wrote:
Hi,
I'm trying to set up a public client in Keycloak 6.0.1 to make an
Authorization Code Flow work, but it fails on the post after the
redirect.
1. I've created the following client in the realm "test":
client id => keycloak-java-form-example
enabled => on
client protocol => openid-connect
access type => public
standard flow enabled => on
valid redirect uris => http://localhost:9090/*
2. Manually created a user.
3. Created a simple app. When you go to http://localhost:9090/ it redirects to:
https://keycloak.server:8443/auth/realms/test/protocol/openid-connect/aut...
4. I log in on the form and get the response on the endpoint
http://localhost:9090/cb with a code (for example:
337f8ec8-dbdd-4965-b538-e5a4fbfff6b4.4cb543a8-1585-4bd0-b174-031288cf3032.cf57276c-98a9-48d3-b460-c678af3f8eb2).
5. I make the following POST request:
POST https://keycloak.server:8443/auth/realms/test/protocol/openid-connect/token
grant_type=authorization_code
client_id=keycloak-java-form-example
code=337f8ec8-dbdd-4965-b538-e5a4fbfff6b4.4cb543a8-1585-4bd0-b174-031288cf3032.cf57276c-98a9-48d3-b460-c678af3f8eb2
redirect_uri=http%3A%2F%2Flocalhost%3A9090%2Fcb
The response is:
400
{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}
I'm not sure what I'm missing.
Thanks
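An added example, not part of the original thread and not Keycloak code: a small check that pulls redirect_uri out of the authorization URL and the token POST body, decodes each once, and reports whether they are identical or differ through double encoding, a trailing slash or case. The host idp.example, the code value and the function names are constructed for illustration; RFC 6749 section 4.1.3 requires the two values to be identical.

```python
from urllib.parse import parse_qs, unquote, urlsplit


def decoded_redirect_uri(query: str) -> str:
    """Return redirect_uri after one round of form/query decoding."""
    values = parse_qs(query, keep_blank_values=True).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError(f"expected one redirect_uri, found {len(values)}")
    return values[0]


def diagnose(auth_url: str, token_body: str) -> str:
    """Compare redirect_uri in the authorization URL and the token POST body."""
    auth = decoded_redirect_uri(urlsplit(auth_url).query)
    token = decoded_redirect_uri(token_body)
    if auth == token:
        return "match"
    # If one extra unquote() closes the gap, that side was encoded twice.
    if unquote(token) == auth:
        return "token request double-encoded"
    if unquote(auth) == token:
        return "authorization request double-encoded"
    if auth.rstrip("/") == token.rstrip("/"):
        return "trailing slash differs"
    if auth.lower() == token.lower():
        return "case differs"
    return "different values"


# Constructed sample requests (hypothetical host and code value).
AUTH_URL = ("https://idp.example/authorize?response_type=code"
            "&client_id=keycloak-java-form-example"
            "&redirect_uri=http%3A%2F%2Flocalhost%3A9090%2Fcb")
BASE = ("grant_type=authorization_code&client_id=keycloak-java-form-example"
        "&code=CONSTRUCTED-CODE&redirect_uri=")
TOKEN_OK = BASE + "http%3A%2F%2Flocalhost%3A9090%2Fcb"
# What an HTTP client produces when handed an already-encoded value.
TOKEN_DOUBLE = BASE + "http%253A%252F%252Flocalhost%253A9090%252Fcb"
TOKEN_SLASH = BASE + "http%3A%2F%2Flocalhost%3A9090%2Fcb%2F"

if __name__ == "__main__":
    for name, body in [("ok", TOKEN_OK), ("double", TOKEN_DOUBLE),
                       ("slash", TOKEN_SLASH)]:
        print(f"{name}: {diagnose(AUTH_URL, body)}")
```

Feed it the exact authorization URL and the raw POST body as captured on the wire, not the values as written in application code, since the encoding is applied by the HTTP client.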