Identity Server 4 : Sorry, there was an error : unauthorized_client
S

3

15

I have set up Identity Server 4 to extend Umbraco so it uses a custom role provider.

Everything was working but now when I get redirected to my Identity server I get this error:

Can anybody shine some light on this error? I have tried rolling back my code in source control but nothing I do seems to help it. Is there anywhere I can see an error log?

Thanks, Scott

Sonnie answered 4/9, 2018 at 14:20 Comment(6)
Well... the best we can say is that the client is unauthorized. Look at the client in the database and ensure it's valid. - Kaffiyeh
Hey, as far as I know the clients are stored in code for Identity Server and I've checked the values. Can't see any issues as I haven't touched this code in weeks. Strange. - Sonnie
That's only for development... Check the application that hosts the identity server. The logs should tell you more useful information. - Kaffiyeh
I think I found it. I published the site to Azure to look at the logs and found the client_id was not correct (kind of). I have it in a config but it was not the value being sent, so I changed it to a new value and it started working. Does ID have a txt log file locally? I can't seem to find any info on it. Thanks!! - Sonnie
Check error logs written by Identity Server. The log files will have more details on which value is incorrect, e.g. client id, secret, redirect url etc. - Finedraw
Please check this link for the solution to fix this error: sitecore.stackexchange.com/questions/15528/… - Whomsoever
S
8

I found out this was due to the RedirectUris being incorrect.

This error is thrown if there is anything wrong with the client.

Sonnie answered 12/12, 2018 at 9:14 Comment(4)
Please explain further. - Nickolasnickolaus
For me, IdentityModel was appending "/signin-oidc" to my redirect URI. After I updated the IdentityServer client config to reflect that, it began to work. - Deprecate
For me, I had to update the table ClientRedirectUris of the Identity Server database. - Marnie
Me too, edit idp database, ClientRedirectUris table. - Carlotacarlotta
J
10

The cause may be that the RedirectUris of a client do not include the actual redirect URI the client app is sending. This is configured in the GetClients method in Client.cs:

new Client
{
    ...
    RedirectUris = new[] { "https://..." }, 
    PostLogoutRedirectUris = new[] { "https://..." },
    AllowedCorsOrigins = new[] { "https://..." },
}

The redirect URI must match exactly the address the client is sending, including the HTTP scheme (http, https).

This can be found in the log file, which lists the allowed URIs and the actual URI of a failed authorization request. Identity Server uses Serilog; in Program.cs it can be switched on in the Main method:

...

Log.Logger = new LoggerConfiguration()
    .MinimumLevel.Debug()
    .MinimumLevel.Override("Microsoft", LogEventLevel.Warning)
    .MinimumLevel.Override("System", LogEventLevel.Warning)
    .MinimumLevel.Override("Microsoft.AspNetCore.Authentication", LogEventLevel.Information)
    .Enrich.FromLogContext()
    .WriteTo.File("logs\\the-log-file-name.txt")
    .CreateLogger();

BuildWebHost(args).Run();
Judah answered 12/3, 2020 at 7:55 Comment(0)
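
A diagnostic for the exact-match rule described in the answer above, added here as an example and not code from IdentityServer4 or from the answer's author. The class and method names are hypothetical, the sample URIs are constructed, and the strict ordinal comparison is an assumption standing in for the server's own validator.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

static class RedirectUriCheck
{
    // Assumption: strict ordinal string comparison, so scheme, host, port,
    // path and a trailing slash all have to be identical.
    public static bool IsRegistered(IEnumerable<string> registered, string requested) =>
        registered.Contains(requested, StringComparer.Ordinal);

    // Describes how a requested redirect_uri differs from one registered URI.
    public static string Explain(string registered, string requested)
    {
        if (string.Equals(registered, requested, StringComparison.Ordinal)) return "exact match";
        if (!Uri.TryCreate(registered, UriKind.Absolute, out var r) ||
            !Uri.TryCreate(requested, UriKind.Absolute, out var q))
            return "not an absolute URI";
        var diffs = new List<string>();
        if (r.Scheme != q.Scheme)
            diffs.Add($"scheme '{q.Scheme}' sent, '{r.Scheme}' registered");
        if (r.Authority != q.Authority)
            diffs.Add($"host/port '{q.Authority}' sent, '{r.Authority}' registered");
        if (r.PathAndQuery != q.PathAndQuery)
            diffs.Add($"path '{q.PathAndQuery}' sent, '{r.PathAndQuery}' registered");
        return diffs.Count > 0
            ? string.Join("; ", diffs)
            : "same URI after parsing; differs in trailing slash, casing or encoding";
    }

    static void Main()
    {
        // Constructed sample values, not taken from the question.
        var registered = new[] { "https://site.local", "https://app.example/signin-oidc" };
        var sent = new[]
        {
            "https://site.local/signin-oidc",   // middleware appended its callback path
            "http://app.example/signin-oidc",   // wrong scheme
            "https://site.local/",              // trailing slash only
            "https://app.example/signin-oidc",  // registered value
        };
        foreach (var requested in sent)
        {
            var verdict = IsRegistered(registered, requested) ? "allowed" : "rejected";
            Console.WriteLine($"{requested} -> {verdict}");
            foreach (var reg in registered)
                Console.WriteLine($"    vs {reg}: {Explain(reg, requested)}");
        }
    }
}
```

Feed it the redirect_uri value from the failed authorization request in the log and the RedirectUris configured for the client to see which component differs.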
R
3

I tried using https instead of http to access my local Sitecore admin panel, like this:

https://site.local/sitecore

and it worked. Remember, it's only https!

Rockie answered 12/4, 2019 at 21:27 Comment(0)
