Yes, you can use localhost as a redirect URI for an OAuth client in Ory. The documentation and community discussions confirm that localhost redirect URIs are supported, especially for development and CLI-based OAuth2 clients. - When creating OAuth2 clients using the Ory CLI, you can specify redirect URIs like http://localhost:3000/callback or http://127.0.0.1:4446/callback without issue. This is shown in both the official guides and example commands:

ory create oauth2-client --project $PROJECT_ID \     --name "Example Client" \     --grant-type authorization_code,refresh_token \     --response-type code \     --redirect-uri <http://localhost:3000/callback>

[Add OAuth2 and OpenID Connect to your ExpressJS app](https://www.ory.sh/docs/getting-started/oauth2-openid/add-oauth2-openid-connect-nodejs-expressjs) - There was a previous issue where the Ory Console UI did not accept localhost as a valid redirect URI, but this has since been resolved and the UI now allows it as well. If you encounter any issues, you can always use the Ory CLI to set the redirect URI to localhost, which is fully supported and not considered a hack or workaround that will be removed in the future [Github Issue: Ory Cloud OAuth2 Client error configuring localhost for redirect URI](https://github.com/ory/network/issues/282). In summary, using localhost as a redirect URI is supported and commonly used for local development with Ory OAuth2 clients.

The error message you are seeing: > The 'redirect_uri' parameter does not match any of the OAuth 2.0 Client's pre-registered redirect URLs. means that the redirect_uri you are using in your OAuth2 request does not exactly match any of the redirect URIs registered for your OAuth2 client in Ory. To resolve this: 1. Check the registered redirect URIs for your OAuth2 client. You can do this using the Ory CLI:

ory get oauth2-client {client.id}

Look for the "redirect_uris" field in the output and ensure your intended redirect URI (e.g., http://localhost:3000/callback) is listed exactly as you are using it in your request. Even small differences (such as a missing slash, different port, or using 127.0.0.1 vs. localhost) will cause a mismatch error [Hydra: Solutions for common OAuth2-related problems](https://www.ory.sh/docs/hydra/debug#refresh-token-flow-fails). 2. Make sure the redirect_uri in your request matches exactly what is registered. For example, if you registered http://localhost:3000/callback, you must use that exact value in your OAuth2 flow—no extra query parameters or path changes. 3. If you are using the Ory Console or CLI to register the client, double-check that the redirect URI was saved correctly. You can update it with:

ory update oauth2-client {client.id} --redirect-uri <http://localhost:3000/callback>

4. If you are using a framework or library (like Auth.js/NextAuth), ensure the callback URL in your app configuration matches the registered redirect URI in Ory [Integrate authentication into Auth.js and NextAuth](https://www.ory.sh/docs/getting-started/integrate-auth/auth-js#resolve-redirect-url-mismatch-errors). Summary: This error is always caused by a mismatch between the redirect_uri in your OAuth2 request and the URIs registered for your client. Double-check both sides for an exact match to resolve the issue.