Okta Widget Issues w/ renderEl

Mork · February 25, 2020, 11:18pm

error: The ‘redirect_uri’ parameter must be an absolute URI that is whitelisted in the client app settings.

I’m not administering the okta setup, but am told the domain is setup in the trusted, and have seen a screenshot of the login redirect uri (points to correct location).
If you reload the page, after getting the dev console error msg above, everything works ok (I assume the cookie is set?)
same code runs ok on dev, submitting to domain.oktapreview.com without this issue
This only occurs if they login to the local login form, does not occur if they are coming in from Okta dashboard (3p c I assume)
I’ve reviewed the other redirect_uri issues and have done some of that (lowercase, ask admin to check settings etc)

abbreviated/cleaned code:

   signIn.renderEl(
    {
       el: '#oktaWidget'
     }, 
    function success(resp) {
        var oktaUserInfo = getOktaUser();

        oktaUserInfo.done(function(res){
            var ckOkta = ckOkta(res);

            ckOkta.done(function(ckOktaRes){
                
                // business logic then 
                // write a hidden form and pass to normal app login processing

            });
        });

        return;
    }
);


function getOktaUser() {
    return $.ajax({
        type: "get",
        url:  oktaURL + "/api/v1/users/me",
        xhrFields: {
            withCredentials: true
        }
    });
}

mraible · February 25, 2020, 11:26pm

Hello Mork,

When you see this error on Okta, go to your browser’s address bar and copy the URL. Paste it into an editor that makes it easier to read the whole thing. Look for the redirect_uri parameter and you’ll see what it sending to Okta. Make sure that value is registered for your app and everything should work.

Hope this helps,

Matt

dragos · February 26, 2020, 4:50am

Hi @Mork

Besides the use-case provided by Matt, this error can occur also if the wrong redirect_uri is sent, for example:

preview environment was copied to prod, but redirect_uri was not updated correctly (either in the application or in prod tenant in Okta)
the redirect_uri is on http/https and the URL in Okta is on https/http
the redirect_uri contains a trailing slash
the redirect_uri in the app and/or Okta does not have the full path to the callback endpoint, while on the other side it’s added

Mork · February 26, 2020, 2:26pm

I’ve confirmed the ‘Login Redirect URI’ is the same as the URI in the request (other than the url encoding). I’m still getting the whitelist redirect_uri in the client error. Any other thoughts?

There is no trailing slash on either side, the redirect points to a file name.

Mork · February 27, 2020, 5:24pm

There were a couple letters that didn’t match the case. Silly, but fixed. Thank you for the help.

system · January 24, 2024, 6:52pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Redirect URI Issue Questions	5	5167	April 28, 2020
Need some help with error 400 bad request for my production site Questions	2	5419	November 1, 2018
'redirect_uri' parameter must be a Login redirect URI error only appears when I'm not logged into the developer console Questions	5	3739	January 26, 2024
Error 400 bad request OAuth/OIDC	30	42627	February 20, 2019
React Seed Project Questions	2	4232	September 18, 2018

Okta Widget Issues w/ renderEl

Related topics