Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

redirect_uri with keycloak 18 causes an error

See original GitHub issue

Using @https://github.com/dsb-norge@2.1.4-beta with keycloak 18 will produce an error when trying to logout:

invalid param redirect_uri

The Breaking Change in Keycloak is described in the Release Notes - Section “Migration from 17.0 -> OpenID Connect Logout”.

The problem can be fixed by updating keycloak-js to version 18.0.0.

Issue Analytics

State:
Created a year ago
Reactions:8
Comments:11 (2 by maintainers)

Top GitHub Comments

12reactions

baltomcommented, May 18, 2022

As previously mentioned in other issues we are keeping keycloak-js at the current version because of redhat-sso using said version. So it won’t be updated until there is a redhat-sso version with corresponding keycloak version.

In the release notes you linked there is also a way to make redirect_uri work with 18+ versions of keycloak



There is a backwards compatibility option, which allows your application to still use the old format of the redirect_uri parameter.

You can enable this parameter when you start the server by entering the following command:

     bin/kc.[sh|bat] --spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true start

With this configuration, you can still use the format with the redirect_uri parameter. Note the confirmation screen will be needed if the id_token_hint is omitted.

4reactions

baltomcommented, Sep 5, 2022

@theolevisage yeah, it is indeed. So we can bump up the keycloak-js dependency. And won’t need the workaround to support old format