Invalid redirect uri
-
I am getting an error: Invalid redirect uri "http://substantiator-survey.ngrok.io/index.php/Configure/MyFormEmployees" when I try clicking on the link in the passwordless email. Here is the body of the email:
Hello
This email has been sent by {{user.data}} to gather survey information.
If you have any questions plase contact richb201@gmail.com.
but when I copy the uri into my browser, it opens fine.
I did see a note during a google search that mentions setting "require_exact_redirect__uri" to false for the server. Where do I set this? I am running in Docker, btw.
-
What do your application settings look like? Can you confirm that
http://substantiator-survey.ngrok.io/index.php/Configure/MyFormEmployeesis in the authorized redirect urls section of your applications "OAuth" configuration tab? -
here they are in the image.
I am also attaching a screenshot of the link in the email. here
Is there anyway I could have the UI send out an email with a link so I can compare my URL link wth the UI's version? When I click on that blue link, nothing happens.
If I go into the show raw source of the email and copy the link and then paste it into an incognito tab I get this image:
-
@richb201 said in Invalid redirect uri:
Is there anyway I could have the UI send out an email with a link so I can compare my URL link wth the UI's version? When I click on that blue link, nothing happens.
I'm not quite sure I'm following, but you can edit the email template to be whatever you want, so you could make it a nice URL. Not sure if your email client is mangling the link in some way.
I am also not familiar with your mail client, but there is an open bug that if your mail client 'prefetches' a passwordless link, it won't work:
https://github.com/FusionAuth/fusionauth-issues/issues/629
What you describe seems like it could be the same issue. Can you try sending an email to a gmail or yahoo.com account, which don't prefetch?
-
Thanks Dan. Yes, when I got rid of Maildrop and switched over to Yahoo mail, it seems to work fine.
-
I have both the regular old link and the new button on my passwordless email. Here is what it looks like
I can use either the button or the link and they get to the same place, which is fine. The problem is that after the link has expired, they act differently. If I click on the link a second time I get this:
but if I click on the button a second time I get this:
This is the same error i was complaining about at an earlier time.
Here is the code t from the custom template:
[#setting url_escaping_charset="UTF-8"]
<!doctype html><img src="http://substantiator-survey.ngrok.io/assets/themes/default/images/new_blue_logo_sub240x240.png?w=640" alt="img" />
<p>Hello </p><p>I am sending you this email to help us gather survey information for taxes. Please visit the below link and fill out a survey.</p>Thank You,
${user.data.contact_name!}
<p>If you have any questions please contact ${user.data.admin_email}.</p>
[#-- The optional 'state' map provided on the Start Passwordless API call is exposed in the template as 'state' --]
[#assign url = "http://fusionauth.ngrok.io/oauth2/passwordless/${code}?tenantId=${user.tenantId}" /]
[#list state!{} as key, value][#if key != "tenantId" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list]
<a href="${url}">${url}</a><form action="${url}" target="_blank">
<button type="submit" class="button button-blue">Click Here For Survey!</button>
</form>So why do they react differently? Is there some way i can get them both to just say: sorry, the link has timed out?
I did some more investigation and it seems that the link on the second press generates a different URI than the button. Here they both are, first link, and the button: http://fusionauth.ngrok.io/oauth2/passwordless/c1G83npKwfNemQWQaEtpeSh7GkB0K4IW8J652NcFrbU?tenantId=34303566-6466-3234-6565-656233663263&client_id=32688330-1630-4e0d-a4de-8ae45c3ca527&redirect_uri=http%3A%2F%2Fsubstantiator-survey.ngrok.io%2Findex.php%2FConfigure%2FMyFormEmployees&response_type=code&scope=openid&state=richardbernstein216%40yahoo.com
http://fusionauth.ngrok.io/oauth2/passwordless/c1G83npKwfNemQWQaEtpeSh7GkB0K4IW8J652NcFrbU?
Seems pretty clear it is a problem with the coding fo the freemarker, not your issue. Thanks.
-
Well we got the the button in passwords login working correctly. Back to my issue with the page a user who presses the button after the session has expired (see above). Is there any way to tell FA where to redirect to when the link has expired. Is this documented in the Doc's? If not is there a suggestion box?
-
Back to my issue with the page a user who presses the button after the session has expired (see above). Is there any way to tell FA where to redirect to when the link has expired.
From reading the passwordless guide, it looks like an
Invalid login credentialsmessage will be displayed in this case. That may be themeable, but I'd have to play around to know for sure. But that's where I'd start.@richb201 said in Invalid redirect uri:
If not is there a suggestion box?
This is the suggestion box :). We also accept PRs against our documentation site: https://github.com/fusionauth/fusionauth-site/
However, it's best to open a new topic when there's a new question or issue. Otherwise things can sometimes get lost.
I'm glad you are making progress!
