Google OIDC redirect_uri_mismatch

Hey,

I’ve created an OIDC auth method to authenticate with Google, but I get an error when signing in: redirect_uri_mismatch

I’ve configured my redirect URL at https://my_hcp_address/v1/auth-methods/oidc:authenticate:callback

Here’s my Terraform config:

resource "boundary_auth_method_oidc" "google" {
  name               = "Google Cloud"
  description        = "Google OIDC Provider"
  scope_id           = boundary_scope.global.id
  issuer             = "https://accounts.google.com"
  client_id          = "client-id.apps.googleusercontent.com"
  client_secret      = "my secret"
  signing_algorithms = ["RS256"]
  # Boundary appends /v1/auth-methods/oidc:authenticate:callback to this
  # prefix to build the redirect_uri it sends to the provider.
  api_url_prefix     = local.boundary_addr
}

Anybody got any ideas where I’m going wrong?

Almost always this is some sort of mismatch or typo in the application redirect URL on the auth provider vs. the Boundary redirect URL. Common things that have happened to me include:

  • presence/absence of a trailing slash
  • an extra slash in the URL because of calculated values
  • port number present/absent in the URL
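The checks in that list can be mechanised. The snippet below is an added example, not code from this thread, from Boundary or from Terraform: it builds the redirect_uri the way it appears in the provider request (prefix plus the callback path quoted in this thread, concatenated as-is) and compares it against the URIs registered at the provider, reporting which of the three mismatches above applies. The helper names (`boundary_callback`, `fixed_prefix`, `diagnose`) and the sample prefix with a trailing slash are assumptions made for the example.

```python
"""Reproduce and diagnose a redirect_uri_mismatch caused by api_url_prefix.

Added example for the thread above; not Boundary's or Terraform's own code.
CALLBACK_PATH is the path seen in the thread; everything else is assumed.
"""
from urllib.parse import urlsplit

CALLBACK_PATH = "/v1/auth-methods/oidc:authenticate:callback"


def boundary_callback(api_url_prefix: str) -> str:
    """The redirect_uri as it shows up in the provider request: a plain
    concatenation, so a prefix ending in '/' produces '//' in the path."""
    return api_url_prefix + CALLBACK_PATH


def fixed_prefix(api_url_prefix: str) -> str:
    """Same effect as Terraform's trimsuffix(local.boundary_addr, "/")."""
    return api_url_prefix.rstrip("/")


def diagnose(api_url_prefix: str, registered_uris: list[str]) -> list[str]:
    """Compare what Boundary will send with what the provider has registered.

    Returns human-readable findings; an empty list means an exact match exists
    (providers compare redirect URIs byte-for-byte, so that is the only pass).
    """
    sent = boundary_callback(api_url_prefix)
    if sent in registered_uris:
        return []

    findings: list[str] = []
    s = urlsplit(sent)
    if "//" in s.path:
        findings.append("double slash in path: api_url_prefix ends with '/'")

    for reg in registered_uris:
        r = urlsplit(reg)
        if (s.scheme, s.hostname) != (r.scheme, r.hostname):
            continue  # a different host cannot be the intended entry
        if s.port != r.port:
            findings.append(f"port differs: sent {s.port} vs registered {r.port}")
        if s.path.rstrip("/") == r.path.rstrip("/") and s.path != r.path:
            findings.append("trailing slash differs on the callback path")
        if s.path.replace("//", "/") == r.path and s.path != r.path:
            findings.append(f"would match {reg} once the extra '/' is removed")

    if not findings:
        findings.append("no registered URI shares scheme and host with " + sent)
    return findings


# Constructed sample input modelled on the thread: a prefix with a trailing
# slash and the single URI registered at the provider.
SAMPLE_PREFIX = "https://my-url.boundary.hashicorp.cloud/"
SAMPLE_REGISTERED = [
    "https://my-url.boundary.hashicorp.cloud" + CALLBACK_PATH,
]

if __name__ == "__main__":
    print("sent:", boundary_callback(SAMPLE_PREFIX))
    for f in diagnose(SAMPLE_PREFIX, SAMPLE_REGISTERED):
        print(" -", f)
    print("after trimming:", diagnose(fixed_prefix(SAMPLE_PREFIX), SAMPLE_REGISTERED))
```

Run it once with the prefix as configured and once with `fixed_prefix()` applied; the first run reports the double slash, the second reports nothing. In Terraform the equivalent of `fixed_prefix` is `trimsuffix(local.boundary_addr, "/")`, which makes the config robust to however the address variable was written.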

Thanks @omkensey

The error says Boundary is passing this to the provider. Request details: redirect_uri=https://my-url.boundary.hashicorp.cloud//v1/auth-methods/oidc:authenticate:callback

So if I update the Authorized redirect URIs to include that double slash, it gets further, but I then get: {"kind":"InvalidArgument", "message":"Error in provided request.", "details":{"request_fields":[{"name":"id", "description":"Invalid formatted identifier."}]}}

Quite confusing; I managed to get Auth0 working fine, though.

Sounds like Google doesn’t like the extraneous slash in a redirect URI. How are you setting the redirect_uri in your Terraform code?

Edited: I bet the issue is with your local.boundary_addr. What is that set to? Does it have a trailing slash?

Trailing bloody slash on my local… Can’t catch them all :smiley:

That’s all right, guess why I had a suspicion that might be the case… :grin:
