Keycloak Invalid parameter: redirect_uri

Question

Keycloak Invalid parameter: redirect_uri

When I try to access from my API to authenticate a user from keycloak, but it gives me an error. Invalid parameter: redirect_uri on the keycloak page. I created my own kingdom separately from the master. Keycloak is powered by http. Please help me.

+43

keycloak

VIJAY THAKUR Jul 27 '17 at 13:53

source share

11 answers

, , ( ).

0

zhrist 02 . '19 13:46

tryingToLearn · Answer 1 · 2018-07-19T10:31:19+0000

For me, adding wildchar '*' worked . Although for production assemblies, I am going to be more specific with the value of this field. But for development purposes you can do it.

The setting is available in the administrative console keycloak → Realm_Name → Cients → Client_Name.

: , .

Menuka Ishan · Answer 2 · 2018-09-26T10:36:01+0000

. URI . , .

keycloack . (, ).

. , . , . 3000, . , , localhost: 3000,

Mr. Me · Answer 3 · 2018-06-09T15:56:54+0000

-

URL-, (, , URL Chrome dev), master , , https, , redirect_uri http.

, Keycloak ( )

1) , MySql. .

2) update REALM set ssl_required = 'NONE' where id = 'master';

: , 4.0 Keycloak https URI , https. Keycloak , . - - , SSL/TLS, Java.

2: Keycloak . , ( ) [https://www.keycloak.org/downloads.html]. Keycloak Gatekeeper, - Apache.

3) Apache. Apache ( NGINX, NGINX , ). yum Apache (CentOs 7) apt-get install Apache (Ubuntu 16) .

4) Apache

sudo systemctl start httpd (CentOs) sudo systemctl start apache2 (Ubuntu)
sudo systemctl status httpd (CentOs) sudo systemctl status apache2 (Ubuntu), , Apache. active (running) Started The Apache HTTP Server., .

5) SSL- , keyCloak http. HTTP- , . Certbot .

, , , SSL WildFly -.

: https . , - Keycloak 4.0, . , SSL , , , , , №2 https. http SSH- .

6) , https, HSTS, http https. , HSTS Chrome, https- .

7) Apache. , httpd.conf. httpd.conf, , . conf.d, , httpd.conf.

conf , conf . , SSL, certbot. , .

<VirtualHost *:80>
    RewriteEngine on

    #change https redirect_uri parameters to http
    RewriteCond %{request_uri}\?%{query_string} ^(.*)redirect_uri=https(.*)$
    RewriteRule . %1redirect_uri=http%2 [NE,R=302]

    #uncomment to force https
    #does not currently work
    #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI}

    #forward the requests on to keycloak
    ProxyPreserveHost On    
    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    RewriteEngine on

    #Disable HSTS
    Header set Strict-Transport-Security "max-age=0; includeSubDomains;" env=HTTPS


    #change https redirect_uri parameters to http
    RewriteCond %{request_uri}\?%{query_string} ^(.*)redirect_uri=https(.*)$
    RewriteRule . %1redirect_uri=http%2 [NE,R=302]

    #forward the requests on to keycloak
    ProxyPreserveHost On
    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/

    #Leave the items added by certbot alone
    #There should be a ServerName option
    #And a bunch of options to configure the location of the SSL cert files
    #Along with an option to include an additional config file

</VirtualHost>
</IfModule>

8) Apache. sudo systemctl restart httpd (CentOs) sudo systemctl restart apache2 (Ubuntu).

9) , Keycloak http, . VPN keycloak, SOCKS. SOCKS . .

ssh -N -D 9905 user@example.com

Putty.

, 9905, SSH . , 9905 .

- SOCKS 9905. .

10) Keycloak. -, http://127.0.0.1, - SOCKS . , , - SOCKS, , , .

11) , , .

sushilshimpi · Answer 4 · 2017-11-25T23:45:35+0000

Keycloak> SpringBootKeycloak> Cients> . valid-redirect uris http://localhost: 8080/sso/login

uri

Mark · Answer 5 · 2018-08-29T15:13:21+0000

Keycloak, URL- :

<web-context>yourchange/auth</web-context> <web-context>auth</web-context> standalone.xml
Keycloak (/auth/admin)
""
""
"security-admin-console" ,
" URI " /auth/admin/master/console/* /yourchange/auth/admin/master/console/*
. " URL- " .
<web-context>yourchange/auth</web-context> <web-context>yourchange/auth</web-context> standalone.xml Keycloak ( /yourchange/auth/admin)

Stephane · Answer 6 · 2018-05-04T19:25:01+0000

- Keycloak, , , URI , , , http://. http://localhost:8082/*

- Keycloak, , , redirect_uri * Valid Redirect URIs Keycloak -. URI .

boycod3 · Answer 7 · 2017-08-04T05:16:17+0000

keycloak . URL -.

Titans · Answer 8 · 2017-11-23T11:34:21+0000

Invalid: redirect_uri spring keyclloak, http://www.baeldung.com/spring-boot-keycloak. keycloak URI , keyclayak . , URL- keycloak URI Redirect, !

ninyarko · Answer 9 · 2018-11-30T22:48:36+0000

, response_type code. . Https://www.keycloak.org/docs/3.3/server_admin/topics/sso-protocols/oidc.html.

jschmuecking · Answer 10 · 2019-08-21T12:20:45+0000

keycloak ( ), , " URI " .

Keycloak Invalid parameter: redirect_uri

-

, Keycloak ( )

More articles: