i had oauth2 flow running but suddenly now it's not working on android browses, i'm getting this error, when i run the exact flow on desktop browser on computer, it's working perfectly. After calling PUT: <https//M/admin/oauth2/auth/requests/login/accept|https//<my domain>/admin/oauth2/auth/requests/login/accept>, i'm getting the redirect_uri and once i redirect to that redirect_uri, i'm getting this error.

@fast-lunch-54279 debugging advice?

is this in ory network and if yes what URL?

@few-orange-16990 maybe some XHR traces?

@high-optician-2097 do you mean url for starting the login flow ?

Hi Umar, that is very strange. The cookie is a httpOnly and secure cookie. Is that maybe the issue?

@high-optician-2097 yes that is an issue, since it's httpOnly cookie, i can't do anything from my side, i'm using @ory/hydra-client sdk and here's my configuration: export const hydraAdmin = new AdminApi( new Configuration({ basePath: config.HYDRA_ADMIN_BASE, baseOptions: { withCredentials: true, headers: { Authorization: "Bearer " + config.ORY_TOKEN, }, }, }) ); export const hydraPublic = new PublicApi( new Configuration({ basePath: config.HYDRA_PUBLIC_BASE, baseOptions: { withCredentials: true, } }) ); i have been using this from months and it was working flawlessly without any issue.

That is very strange. Is the android browser maybe limited in how large the cookies can get?

cookie that i'm getting in a desktop browser is under 300 bytes.

hm…

okay, thank you so much.

yeah the problem is that somehow the android browser opens http://myaccount.enschede.me and not https://myaccount.enschede.me

we use cloudflare and have this set

hm, not sure what the reason is, but the problem definitely is that anrdoid browser seems to allow http connection. if i use https in the browser, it works

login with kratos is working fine on android, the issue is with Oauth2 provider https://accounts.enschede.me

is that redirect_uri http or https?

https://<ory-domain>/oauth2/auth?client_id=<client-id>&login_verifier=<login-verifier>&redirect_uri=<redirect_uri>&response_type=code&scope=<scopes>&state=<state> this is what i'm getting as redirect_uri after i call acceptOAuth2LoginRequest() from sdk. and this should redirect me to consent screen. my callback url for redirection once consent request is accepted "<https//m|https//><my-domain>/oauth2/callback"

https://accounts.enschede.me/ just gives me a balnk page?

@high-optician-2097 yes it requires login_challenge in query param to work, i'll create one sample client and send it to you so you can test it on https://openidconnect.net

what redirect url did you register?

hydrauser@gmail.com QwertyMnbv@123 try with this credentials @high-optician-2097

ok thanks, for me the flow worked flawlessly in safari

i tried in chrome, firefox and safari

and it works in none of them?

@high-optician-2097 it worked for me in desktop browsers but not in mobile browsers

Thanks for confirming

awesome!!