You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
message:invalid_client_metadata reason:post_logout_redirect_uri "https://foobar.example.com" must match the domain, port, scheme of at least one of the registered redirect URIs but did not
I already understand that for login, the callback URL must match one of the redirect_uris in the OIDC client.
But as far as I can tell, it is not mandated in the OIDC spec that the post_logout_redirect_uri domain needs to match the post login redirect uri domain.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I tried setting an OIDC client to have a post_logout_redirect_uri of https://foobar.example.com, whilst the redirect_uri (e.g post login redirect uri) is https://whatever.example.com.
I got an error:
I already understand that for login, the callback URL must match one of the
redirect_urisin the OIDC client.But as far as I can tell, it is not mandated in the OIDC spec that the
post_logout_redirect_uridomain needs to match the post login redirect uri domain.Can I get confirmation that Ory have enforced this requirement in Hydra nonetheless? Is that what I'm seeing at https://github.com/ory/hydra/blob/master/client/validator.go#L197-L203 (I'm not too good with Golang).
Is it documented somewhere (that I haven't found?)
Beta Was this translation helpful? Give feedback.
All reactions