1π
@flavio.donze
I have same issue when redirect login (not logout)
- If I put scheme (ex:
com.application.example://) in "Valid Redirect URIs" and "Base URL", keycloak admin console gives "A redirect URI is not a valid URI", only accept http/https scheme - If I add redirect_uri into login link (ex:
https://{{keycloak-server}}/auth/realms/employee/protocol/openid-connect/auth?client_id=mobile-app&redirect_uri=com.application.example%3A%2F%2F&response_type=code&scope=openid), I got message "Invalid parameter: redirect_uri"
- [Vuejs]-Vue passing props via router-link with dynamic routing
- [Vuejs]-I am new to vue and I can seem to get a response for this.$http.get('url', function(data)) in Vue
0π
If you are the admin of the service and recently updated keycloak to version 18.0.0 or above, this might be the reason/solution:
Solution
If your application directly uses links to logout endpoint with the
redirect_uriparameter, you may be required to change this as
described above. Consider either removing theredirect_uriparameter
entirely or replacing it with theid_token_hintand
post_logout_redirect_uriparameters.
Reason
Previous versions of Keycloak had supported automatic logout of the
user and redirecting to the application by opening logout endpoint URL
such as
http(s)://example-host/auth/realms/my-realm-name/protocol/openid-connect/logout?redirect_uri=encodedRedirectUri.
While that implementation was easy to use, it had potentially negative
impact on performance and security. The new version has better support
for logout based on the OpenID Connect RP-Initiated Logout
specification. The parameter redirect_uri is no longer supported;
also, in the new version, the user needs to confirm the logout. It is
possible to omit the confirmation and do automatic redirect to the
application when you include parameter post_logout_redirect_uri
together with the parameter id_token_hint with the ID Token used for
login.
Source
https://www.keycloak.org/2022/04/keycloak-1800-released#_openid_connect_logout