Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Thinktecture Identity server v3 Google provider

Tags:

thinktecture-ident-server

I am getting issue while integration external provider i.e Google with Thinktecture identity server v3 .I am getting following error: "The client application is not known or is not authorized." Do any one have any idea about this error.

like image 770
user1918328 Avatar asked Feb 08 '15 17:02

user1918328

2 Answers

@Whoever, it looks like you have a mismatch on the RedirectUri values in the client and server.

The RedirectUri property in the client startup defines the URI that will be called called after authentication by the identity server. The RedirectUris in the server config defines the listed of allowed URIs that can request authentication. The client startup RedirectUri must therefore be included in the server's RedirectUris list.

Looks like your client's RedirectUri is currently pointing at the server's URI. Is your client running on port 46289? If so, try changing the value of RedirectUri property in the client startup to https://localhost:46289. You might also want to try modifying the server's redirectUris value to use https rather than http, assuming that your client really is accessible over https.

Server client store:

public static IEnumerable<Client> Get() 
{
    return new[] {
         new Client {
             Enabled = true,
             ClientName = "MVC Client",
             ClientId = "mvc",
             Flow = Flows.Implicit,

             RedirectUris = new List<string>{
                 "https://localhost:46289/"  // client home url

Client startup:

public void Configuration(IAppBuilder app)
{
    ConfigureAuth(app);
    app.UseCookieAuthentication(new CookieAuthenticationOptions {
        AuthenticationType = "Cookies"        
    });

    app.UseOpenIdConnectAuthentication(
        new OpenIdConnectAuthenticationOptions {
            Authority = "https://localhost:44300/identity",
            ClientId = "mvc",
            RedirectUri = "https://localhost:46289/", //must be in server's Client.RedirectUris
            ResponseType = "id_token",

            SignInAsAuthenticationType = "Cookies"
    });
like image 128
BinaryMash Avatar answered Oct 21 '22 15:10

BinaryMash

I had this problem. The RedirectUris entry in the servers almost matched the RedirectUri in the client Startup.Configuration; all but for the trailing slash.

https://localhost:46289/

is not the same as

https://localhost:46289

When I added the slash, my login page appeared.

like image 37
Skip Saillors Avatar answered Oct 21 '22 14:10

Skip Saillors
Sign in to Comment

Related questions

Thinktecture IdentityServer v3 with WebForms and WebApi
Is there a way to customize the Thinktecture.IdentityServer.v2 login page?
How to use ThinkTecture IdentityServer 3 in Web Api 2
How to secure IdentityManager with IdentityServer v3
Moving from Web API 2 Claim-Based-Authentication to ThinkTecture
Posting a SAML token to ASP.NET MVC website
How to consume JWT access token and user claims using RestSharp
IdP initiated login with ThinkTecture IdentityServer v3
Single-sign-on: Which direction should I go?
Thinktecture Identity Server v3 How to keep Claims from external providers?
AngularJs ASP.NET WebApi Authentication with Thinktecture
AngularJS Access Token Security Concerns
Identity Server 3 refresh token expires before its expiration period set in the client configuration
WIF sliding session re-authenticate
Injecting user registration steps into IdentityServer3 SSO process
Add a claim to JWT as an array?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!