I'm trying to get a relative (i.e. path only with no host) redirect URI
for a Keycloak client to work. My client works with full host and path,
but if I remove the host part I get an illegal parameter error.
The inline help bubble has the following sentence: "Relative path can be
specified too, i.e. /my/relative/path/*."
So as far as I can tell, it should work according to the help message.
As I was trying to find out more about this I came across Jira issue
KEYCLOAK-8[1], where a comment pointed to section 3.2.1[2] of the OAuth
2.0 spec. If I'm reading the spec correctly the redirect *must* be
absolute to be conformant with the spec.
Is the inline help wrong, or is it something here that I don't get?
Håvard
[1]
https://issues.jboss.org/browse/KEYCLOAK-8
[2]
https://tools.ietf.org/html/rfc6749#section-3.1.2