Strange redirect_uri bug in self-hosted 4.6.1
Hey all. I’m looking for any advice at all on this. It’s possible we’re overlooking something silly, but I’ve searched through all the documentation and threads that I can find.
We have a self-hosted instance running 4.6.1 and using the v2 login UI. First of all, we are having issues with organization discovery (“User not found in the system”), but I believe this is already a known and tracked bug according to GitHub.
However, we’re even having trouble signing into the default organization with a configured external OIDC provider. On hitting the button, we get an error from our IdP about mismatching redirect_uri’s.
Zitadel is requesting we configure the IdP to allow
If I add that second callback uri (with the port) to the IdP configuration, then when I click the button I now get an error from Zitadel (“An error occurred while trying to login.”)
So it seems to me that the error might be caused by Zitadel adding in the 443 and then getting confused by it. Is my understanding right, or does anyone have any ideas what I might be doing wrong? I believe we are running a fairly standard setup and configuration. Running behind an AWS ALB.
We have a self-hosted instance running 4.6.1 and using the v2 login UI. First of all, we are having issues with organization discovery (“User not found in the system”), but I believe this is already a known and tracked bug according to GitHub.
However, we’re even having trouble signing into the default organization with a configured external OIDC provider. On hitting the button, we get an error from our IdP about mismatching redirect_uri’s.
Zitadel is requesting we configure the IdP to allow
https://domain.com/ui/v2/loginidps/callbackhttps://domain.com/ui/v2/loginidps/callback, but the actual request made by Zitadel to the IdP when hitting the external login button looks like https://domain.com:443/idps/callbackhttps://domain.com:443/idps/callbackIf I add that second callback uri (with the port) to the IdP configuration, then when I click the button I now get an error from Zitadel (“An error occurred while trying to login.”)
So it seems to me that the error might be caused by Zitadel adding in the 443 and then getting confused by it. Is my understanding right, or does anyone have any ideas what I might be doing wrong? I believe we are running a fairly standard setup and configuration. Running behind an AWS ALB.
