PhenixID DocumentationPhenixID Authentication ServicesSolutions OpenIDConnect (OIDC) / OAuthHow to configure PhenixID Authentication Services to white list a redirect_uri with a query string

How to configure PhenixID Authentication Services to white list a redirect_uri with a query string

Purpose

OIDC relying parties using authorization code flow or implicit grant flow, pass a redirect_uri parameter to the OpenID Connect Provider. For security reasons, the OpenID Connect provider must white list the redirect_uri value(s) for the RP in the configuration.

This article describes how to properly white list the redirect_uri value when:

  • PhenixID Authentication Services (PAS) is setup as an OpenID Provider
  • The relying party connected to PAS use a redirect_uri value containing a query string (for example: https://myrp.com/callback/?query=x&id=abc)

Requirements

  • PhenixID Authentication Services version 4.0 or higher
  • PhenixID Authentication Services configured with a OIDC Relying party

Prepare the value to add

Configuration

  • Login to Configuration Manager
  • Select Scenarios->OIDC->Relying Party->YOUR_RP
  • Click +Add below Allowed redirect:uri:s
  • Add the url string from the previous step
  • Click Save