Redirect URI Issue

Hi,

I’m having the redirect_uri issue.

In my application settings under Login redirect URIs I have entered:

https://dev.mydomian.com/FactSetOwnership/Views/Index/

The redirect is performed to:

https://dev.mydomain.com/FactSetOwnership/Views/Index/?view=all-estimates&state=XXX&nonce=XXX&sessionToken=XXXX

But I still get the " The ‘redirect_uri’ parameter must be an absolute URI that is whitelisted in the client app settings." error

I have followed the guide here and left the trailing forward slash on the end, but still get this error.

Any ideas why I am having this issue?

Maybe an obvious one but are you using the correct clientid to identify with your okta app?
Also is it possible to show me which request you are sending to okta? That could give us more insight.

Hi Ironside,

Thanks for your response, I have double checked the clientId and it is correct.

It’s all working, except the redirect. After the redirect error, if you go back then it will load without the error because Okta is not doing redirect.

Here’s the code I am using, i have redacted sensitive field values:

var baseUrl = "https://mydomain.okta.com";
$.ajax({
    url: baseUrl + "/api/v1/users/me",
    type: "GET",
    xhrFields: { withCredentials: true },
    accept: "application/json"
}).done(function(data) {  

    var view = GetFactSetURL($("#View").val());
    $("#FactSetFrame").attr("src", view);
    $("#FactSetFrame").show();

}).fail(function(xhr, textStatus, error) {

    // Not logged in
    var sessionToken = "";

    $.ajax({
        type: "POST",
        url: "https://mydomain.okta.com/api/v1/authn",
        headers: { authorization: "SSWS XXXXX" },
        contentType: "application/json",
        data: JSON.stringify(data),
        async: false,
        success: function(data) {
            sessionToken = data.sessionToken;
            //console.log(data);
        },
        error: function(err) {

            console && console.log(err);
            !console && alert(err.status + " " + err.statusText);
        }
    });

    window.location.href =
        "https://mydomain.okta.com/oauth2/v1/authorize?client_id=XXX&response_type=id_token&scope=openid&prompt=none&redirect_uri=" + window.location.href + "&state=XXX&nonce=XXX&sessionToken=" + sessionToken;
});

var data = {
    "username": "me@mydomain.com",
    "password": "mypassword",
    "options": {
        "multiOptionalFactorEnroll": false,
        "warnBeforePasswordExpired": false
    },
    "context": {
        "deviceToken": "XXX"
    }
};

Thank you,
The authorization request looks fine at first glance. However I have a little concern about ```

redirect_uri=" + window.location.href

If my javascript knowledge doesn’t let me down this means you take the current url you are in? (what you see in your browser window all the way at the top).

A redirect uri is usually static so I don’t think it is an issue you just but the URI in there, also with things like this Okta is really careful with CORS so make sure to whitelist your application.

Security -> API -> Trusted Origins

Hi Ironhide,

I had a look at the window.location.href and it was exactly what is in my white list without the parameter, so: https://dev.mydomian.com/FactSetOwnership/Views/Index/ as per the guide.

So I decided to try it with a parameter and that fixed it for that view, as I have 7 different views and three different environments, 21 entries all together. So my redirect whitelist looks something like this, but with all environments and all possible view= parameters. (I can only post 5 links)

https://dev.mydomain.com/FactSetOwnership/Views/Index/?view=event-calendar
https://dev.mydomain.com/FactSetOwnership/Views/Index/?view=key-items

Thanks for your help in this, i probably wouldn’t have thought to try adding the parameter to the redirect whitelist without your suggestion to look at the window.location.href value.