By: Cage Box user 08 Jan 2020 at 3:28 p.m. CST

4 Responses
Cage Box gravatar
Hi, all. Pardon my inexperience. The error seems a bit basic, but I haven't been able to figure out the issue. I have a website I would like redirected from OpenResty NGINX (using lua-resty-idc) to Gluu for authentication, then to the website (if auth is successful). `OpenResty NGINX --> Gluu (SSO) --> Website` ```` OpenResty NGINX: 192.168.10.100 Gluu (SSO): 192.168.20.100 Website: 192.168.30.101 (https, port 5001) ```` I followed this tutorial here: https://gluu.org/docs/ce/integration/sswebapps/nginx/ On my network's DNS server, I set a host override so that my website (192.168.30.101) points to my OpenResty NGINX server (192.168.10.100). Upon going to https://website.example.com, I get the following error: ```` **Error:** "invalid_request_redirect_uri" **Error Description:** "The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris." ```` My URL also redirects to: `https://sso.example.com/oxauth/restv1/authorize?response_type=code&client_id=XXXXXXXX-XXXX-XXXX-XXXX-376fd0cfa7c9&state=61cd2dedd7e320d3cdb60c0792627fca&redirect_uri=https%3A%2F%2Fwebsite.example.com&nonce=9483ca80db11b98fdf1e932b9e569079&scope=openid%20email%20profile` Pictures of OpenResty NGINX config, client summary, and sector identifier summary: https://imgur.com/a/2ndhimy FYI, when manually going to https://192.168.30.101:5001, page displays just fine (with self signed cert error, of course). Please let me know if there are any particular logs you might need.

By Mohib Zico Account Admin 14 Jan 2020 at 3:35 a.m. CST

Mohib Zico gravatar
I'll try to reproduce your issue locally as soon as I get some time.

By Cage Box user 14 Jan 2020 at 7:15 p.m. CST

Cage Box gravatar
Thanks! Looking forward to it.

By Michael Schwartz Account Admin 17 Jan 2020 at 9:13 a.m. CST

Michael Schwartz gravatar
The redirect URI listed in Gluu must match **exactly**--including any folders and parameters (fragments are stripped). You just have the hostname as the redirect_uri. So Gluu is correctly rejecting the response.

By Cage Box user 19 Jan 2020 at 9:16 a.m. CST

Cage Box gravatar
Michael, thanks! Resolved.