After successful user activation via email, the redirect urls sends them back to my webpage.
This is expected
BUT
the url in the address bar is:
https://mywebsite/?type_hint=ACTIVATION&session_hint=AUTHENTICATED&login_hint=xxxx%40xxx.com
and this creates an ERROR 400: redirect_uri not whitelisted error when i try to sign in
am i meant to do something with these parameters?
I had a similar issue; what ended up fixing it was to specify a redirectUri value in my OktaSignIn parameters when using the Okta signin widget.
Hope this helps!
@noahrama Is this an oidc app ? Could you paste the request that is erroring out (from browser developer tools, network tab) ?
If the /authorize request is erroring out with this error, then the redirect_uri that is passed in the /authorize (configured as part of widget or sdk) should be configured in the ‘LoginRedirectUri’ in application settings and also in the trusted origin (Security->API->Trusted Origins) with ‘Redirect’ option checked.