content

Missing redirect_uri when using single sign on

When you try to do single sign-on (SSO), for example with a Matrix homeserver, you can get back the following response: 1

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. The 'redirect_uri' parameter is required when using OpenID Connect 1.0."}

This happens because the client has not included a redirect_uri value in its request. This value needs to be set in order for SSO to work. 1

In tuwunel, this is done by specifying the complete callback URL: 1

 [[global.identity_provider]]
 brand = "Discourse"
 client_id = "matrix"
 client_secret = "<secret>"
 issuer_url = "https://forum.tsuki.games/oauth2"
+callback_url = "https://matrix.tsuki.games/_matrix/client/unstable/login/sso/callback/matrix"
 base_path = "oauth2"

meta

tags: matrix, single-sign-on

created:

commit: 4abd4cbd