Google OIDC redirect_uri_mismatch


I’ve created an OIDC Auth method to authenticate with google but I get an error when signing in: redirect_uri_mismatch

I’ve configured my redirect url at https://my_hcp_address/v1/auth-methods/oidc:authenticate:callback

Here’s my terraform config

resource "boundary_auth_method_oidc" "google" {
  name                 = "Google Cloud"
  description          = "Google ODIC Provider"
  scope_id             =
  issuer               = ""
  client_id            = ""
  client_secret        = "my secret"
  signing_algorithms   = ["RS256"]
  api_url_prefix        = local.boundary_addr

Anybody got any ideas where I’m going wrong?

Almost always this is some sort of mismatch or typo in the application redirect URL on the auth provider vs. the Boundary redirect URL. Common things that have happened to me include:

  • presence/absence of a trailing slash
  • an extra slash in the URL because of calculated values
  • port number present/absent in the URL

Thanks @omkensey

The error, says boundary is passing this to the provider Request details: redirect_uri=

So if i update the Authorized redirect URIs to include that double slash, It gets further, but I then get {"kind":"InvalidArgument", "message":"Error in provided request.", "details":{"request_fields":[{"name":"id", "description":"Invalid formatted identifier."}]}}

Quite confusing, managed to get Auth0 working fine though

Sounds like Google doesn’t like the extraneous slash in a redirect URI. How are you setting the redirect_uri in your Terraform code?

Edited: I bet the issue is with your local.boundary_addr. What is that set to? Does it have a trailing slash?

Trailing bloody slash on my local… Can’t catch them all :smiley:

That’s all right, guess why I had a suspicion that might be the case… :grin:

1 Like