model-view-controller authorization identityserver4

Identity Server 4: Why do I receive unauthorized_client?


This is my initial setting for my MVC connecting with Identity Server.

    app.UseOpenIdConnectAuthentication(new OpenIdConnectAuthenticationOptions
    {
        AuthenticationType = "oidc",
        SignInAsAuthenticationType = "Cookies",
        Authority = "http://identity.azurewebsites.net",
        RedirectUri = "http://localhost:62419/signin-oidc",
        PostLogoutRedirectUri = "http://localhost:62419/signout-callback-oidc",
        ClientId = "mvc",
        ResponseType = "id_token",
        Scope = "openid profile",
        UseTokenLifetime = false,
        RequireHttpsMetadata = false,
        Notifications = new OpenIdConnectAuthenticationNotifications
        {
            SecurityTokenValidated = (context) =>
            {
                var identity = context.AuthenticationTicket.Identity;
                var name = identity.Claims.FirstOrDefault(c => c.Type == identity.NameClaimType)?.Value;

                return Task.FromResult(0);
            }
        }
    });

I can get to the identity server. I received a message:

Sorry, there was an error : unauthorized_client Invalid redirect_uri

I have added the redirectUri into the ClientRedirectUris table, matching the code shown above. Is there any other area I forgot to add or set?

Request url: http://identity.azurewebsites.net/home/error?errorId=CfDJ8BPcf2qEDmRMt0TtYfAIujdUrTeIfqktT2TIcVFNomo6u6QFAROi-gEI2wXHP8kbmmiSYIK1aRV1nL-h6tFY_KeZabkMhIzy-V_0vvo2-hUFfj6I66qJWSjPiRhSYmGZa_-kYlULMb8a1Bz6UQ9UV5L6VdLscQRhScCpnOYpM6Ku84KM_S-4eZXrAX13EaVhqjxhpNhD8jIU9kJkjAn1t6sLVGrfZSEM0tAOGkTXFvBzuoucYURIFhZPJPGjVuJuRegrS2vsLPALHJCv3MLrW9ImudDeCkgf9VhAHwrRLfP3TB_7i4OvEffZwhuDuCSoyQ


Solution

  • Late to the party but will add my two cents:

    Generally, unauthorized_client means that there was something wrong with the validation of your client.

    This can be any of the client settings:

    Client Id
    Client Secret (if used)
    PKCE (if used)
    Return Url
    Scopes (not matching)
    Grant Type (not allowed)
    

    This is not an exhaustive list, there might be other properties that will lead to the client being rejected.

    If you are getting this error, make sure your settings on the client end and the Identity Server end are matching; most likely there is some configuration misalignment.
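
An added example, not part of the answer above and not IdentityServer4 code: a small C# check that compares the authorize-request values from the question's MVC options against a client registration and lists each mismatch. `RegisteredClient`, `ClientConfigCheck` and the registration values are hypothetical, and exact (ordinal) comparison of redirect URIs is an assumption about how the server matches them.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical stand-in for a client registration; not an IdentityServer4 type.
class RegisteredClient
{
    public string ClientId = "";
    public List<string> RedirectUris = new List<string>();
    public List<string> AllowedScopes = new List<string>();
    public List<string> AllowedResponseTypes = new List<string>();
}

static class ClientConfigCheck
{
    // Returns one finding per mismatch between the authorize request and the registration.
    public static List<string> Compare(RegisteredClient reg, string clientId,
        string redirectUri, string responseType, string scope)
    {
        var findings = new List<string>();
        if (!string.Equals(reg.ClientId, clientId, StringComparison.Ordinal))
            findings.Add($"client_id '{clientId}' is not the registered '{reg.ClientId}'");
        if (!reg.RedirectUris.Contains(redirectUri, StringComparer.Ordinal))
        {
            // Look for a near match to expose case or trailing-slash drift.
            var near = reg.RedirectUris.FirstOrDefault(u => string.Equals(
                u.TrimEnd('/'), redirectUri.TrimEnd('/'), StringComparison.OrdinalIgnoreCase));
            findings.Add(near != null
                ? $"redirect_uri '{redirectUri}' differs from '{near}' only by case or trailing slash"
                : $"redirect_uri '{redirectUri}' is not registered");
        }
        if (!reg.AllowedResponseTypes.Contains(responseType))
            findings.Add($"response_type '{responseType}' is not allowed for this client");
        foreach (var s in scope.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries))
            if (!reg.AllowedScopes.Contains(s))
                findings.Add($"scope '{s}' is not allowed for this client");
        return findings;
    }

    static void Main()
    {
        // Constructed registration with two deliberate mismatches (trailing slash, no "profile").
        var reg = new RegisteredClient { ClientId = "mvc", AllowedScopes = { "openid" },
            AllowedResponseTypes = { "id_token" }, RedirectUris = { "http://localhost:62419/signin-oidc/" } };
        // Request values as set in the question's OpenIdConnectAuthenticationOptions.
        foreach (var f in Compare(reg, "mvc", "http://localhost:62419/signin-oidc", "id_token", "openid profile"))
            Console.WriteLine(f);
    }
}
```

With the constructed registration it reports the trailing-slash difference on redirect_uri and the unregistered `profile` scope; replace the registration values with the rows stored for the client to check a real setup.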