How to configure PhenixID Authentication Services to white list a redirect_uri with a query string
OIDC relying parties using authorization code flow or implicit grant flow, pass a redirect_uri parameter to the OpenID Connect Provider. For security reasons, the OpenID Connect provider must white list the redirect_uri value(s) for the RP in the configuration.
This article describes how to properly white list the redirect_uri value when:
- PhenixID Authentication Services (PAS) is setup as an OpenID Provider
- The relying party connected to PAS use a redirect_uri value containing a query string (for example: https://myrp.com/callback/?query=x&id=abc)
- PhenixID Authentication Services version 4.0 or higher
- PhenixID Authentication Services configured with a OIDC Relying party