Your request resulted in an error. The 'redirect_uri' parameter must be a Login redirect URI in the client app settings

Questions OAuth/OIDC
1

im get the error 400 ## Bad Request Your request resulted in an error. The ‘redirect_uri’ parameter must be a Login redirect URI in the client app settings:

Ive looked at all the help pages for this, the Sign-in redirect URIs is set to http://localhost:44314/account/test
my app.settings has “Okta”: {“RedirectUri”: “https://localhost:44314/account/test”}
the nework tab shows redirect_uri=https%3A%2F%2Flocalhost%3A44314%2Faccount%2Ftest

I am using a trial domain - does this make a difference?
Many thanks for any help

2

You mention that your network tab shows a redirect_uri of https%3A%2F%2Flocalhost%3A44314%2Faccount%2Ftest but you only mentioned setting the HTTP (without TLS) version of this as a Sign-in redirect URI for the app.

Does it work if you add the TLS version, https://localhost:44314/account/test, as a Sign-in redirect URI as well/instead?

3

Hello Andrea, i didnt notice this, i have added the url and I still get the same error. Do I need to add anything to my host file for localhost?
and i also notice in the network tab it now has this uri which is not what i have specified redirect_uri=https%3A%2F%2Flocalhost%3A44314%2Fauthorization-code%2Fcallback&response_type=code&scope=openid%20profile&code_challenge=n-h-oZjS2BcdVMEil448QTfooMIsbnCNcH6PUFYlxvY&code_challenge_method=S256

4

Are you using one of your SDKs for your implementation? Those tend to use the /authorization-code/callback as a dedicated callback route and will set it as the redirect_uri in requests. If you’re using an SDK of ours for this, you should be able to rely on the callback component built in to handle exchanging the auth code for tokens and may just want to update the Sign-in redirect URIs to include this route.

5

Hi Andrea, I am having the same issue "Bad Request 400. The redirect_uri parameter must be a login redirect uri in client app settings ". can you please help me out on this. Thanks in advance.

image

6

What redirect_uri do you see included in the /authorize request and what “Sign in redirect URIs” have you allowed within the application settings in Okta?

7

My enterprise okta does not shown up any application settings tab and I do not have any control over it. And also I do not see redirect_uri in /authorize request. Below is the one which is being called
https://domain/oauth2/v1/authorize?client_id

8

If you’re not seeing a redirect_uri parameter included in the /authorize request, that would explain seeing this error. If this is a custom OIDC app, you’ll need to do some investigation into why the application isn’t including that parameter when making the request to Okta.