https://www.ory.sh/ logo
Join Slack
Powered by
I am getting a "Social sign-in `redirect_uri_misma...
# ory-network
c
I am getting a "Social sign-in 
redirect_uri_mismatch
error"... can we not use custom domains for the callback?
w
Can you try this out and report if it worked for you? https://www.ory.sh/docs/troubleshooting/oidc-redirect-url-cname-OTA-092022-01
c
Copy code
The request was malformed or contained invalid parameters
Unable to apply JSON Patch: error in remove for path: '/services/identity/config/selfservice/methods/oidc/config/base_redirect_uri': Unable to remove nonexistent key: base_redirect_uri: missing value
p
Hi @calm-controller-73297 You can use custom domains, but the request needs to be issued from a custom domain e.g. the browser needs to initialize the flow through your custom domain and submit the flow to your custom domain when submitting the form for the OIDC redirect. Could you share with me a video or har file when doing this request in a direct msg?
m
What happens often is that you do not set the redirect URL to your custom domain when configuring. So it says here to use ā€œhttps://distracted-elion-yl0zho4q9i.projects.oryapis.com/self-service/methods/oidc/callback/slackā€ as redirect URI. This is wrong, because I have a custom domain configured. The correct and working redirect URI is ā€œhttps://auth.vinckr.com/self-service/methods/oidc/callback/slackā€ This is a bug in the UI that we need to fix @proud-plumber-24205, it should display the custom domain there (see screenshot) Please check if you have put your custom domain as redirect URI on the social signin provider side.
šŸ™ 1
c
That's what I figured Vincent so I had used my domain but both Google and GitHub complained. Switching to the oryapis.com domain worked. I'll revert back after work and capture the har file for you guys.
r
Hi @magnificent-energy-493 @proud-plumber-24205, I'm getting the 
redirect_uri_mismatch
as well, but that's when I use our custom domain in the OAuth apps callback URL. For some reason, the request to GitHub is made with the 
redirect_uri
set to 
<http://oryapis.com|oryapis.com>
, even though we have a custom domain configured. In the project config, I can still see the following fields set to 
<http://oryapis.com|oryapis.com>
URL: ā€¢ 
../serve/admin/base_url
ā€¢ 
../serve/public/base_url
ā€¢ 
../config/cookies/domain
ā€¢ 
../session/cookie/domain
Are any of these supposed to be set to the custom domain? 
/services/identity/config/selfservice/methods/oidc/config/base_redirect_uri
is not in the config, trying the solution in the docs returns 
Unable to remove nonexistent key: base_redirect_uri: missing value
c
@rhythmic-musician-58953 Are you using the managed UI right now?
r
We have a custom self-hosted UI šŸ™‚
ā¤ļø 1
p
Hi I have been looking into this. I haven't been able to reproduce the issue yet, but this seems like a config issue. It is okay for 
serve.admin.base_url
and 
serve.public.base_url
to be your project slug + oryapis.com url. This shouldn't affect redirects through your cname. Inside my config the 
methods.oidc.base_redirect_uri
is my custom domain url. Do you perhaps have multiple domains added to the project?
r
Adding 
base_redirect_uri
using
Copy code
ory patch identity-config <project-id> \
  --add '/selfservice/methods/oidc/config/base_redirect_uri="<https://auth.example.org>"'
solved this šŸ™‚
c
I can confirm-- adding 
base_redirect_uri
solved this for me as well!
34 Views
Open in Slack
PreviousNext
Powered by