OAUTH / OIDC - Invalid redirect URL for OAuth success., code:400, project_invalid_success_url
- 0
- Self Hosted
- Auth
- Web

Using Zitadels OAUTH Playground (https://zitadel.com/oidc-playground), I receive the following error when attempting the authentication process:
{"message":"Invalid redirect URL for OAuth success.","code":400,"type":"project_invalid_success_url","version":"1.5.10"}
In the Appwrite logs:
2024-09-05 13:03:45 [Error] URL: /v1/account/sessions/oauth2/:provider/redirect
2024-09-05 13:03:45 [Error] Type: Appwrite\Extend\Exception
2024-09-05 13:03:45 [Error] Message: Invalid redirect URL for OAuth success.
2024-09-05 13:03:45 [Error] File: /usr/src/code/app/controllers/api/account.php
2024-09-05 13:03:45 [Error] Line: 1173```
and after changing the scope to "openid"
```2024-09-05 13:09:24 [Error] Method: GET
2024-09-05 13:09:24 [Error] URL: /v1/account/sessions/oauth2/:provider
2024-09-05 13:09:24 [Error] Type: Utopia\Exception
2024-09-05 13:09:24 [Error] Message: Invalid `scopes` param: Value must a valid array no longer than 100 items and Value must be a valid string and at least 1 chars and no longer than 4096 chars
2024-09-05 13:09:24 [Error] File: /usr/src/code/vendor/utopia-php/framework/src/App.php
2024-09-05 13:09:24 [Error] Line: 774```
The redirect URI provided by AppWrite is also a parameter I use.
> http://localhost/v1/account/sessions/oauth2/callback/oidc/saas-dev

JS Code:
const client = new Appwrite.Client();
client
.setEndpoint('http://localhost/v1') // Replace with your Appwrite endpoint
.setProject('saas-dev'); // Replace with your project ID
// Initialize Appwrite account
const account = new Appwrite.Account(client);
// Function to handle OAuth2 login
function handleOAuth2Login() {
// You can replace 'github' with any supported provider (e.g., 'google', 'facebook', etc.)
account.createOAuth2Session(
OAuthProvider = "oidc", // provider
'http://localhost:1234/', // success (optional)
'http://localhost:1234/oauth2', // failure (optional)
[""] // scopes (optional)
);
}```
In the console on the webpage I am getting a HTTP 204 status code for the "OPTIONS" method followed by a HTTP 400 for the "GET" method.
The following are found in the Network requests:
```Request URL:
http://localhost/v1/account/sessions/oauth2/oidc?success=http%3A%2F%2Flocalhost%3A1234%2F&failure=http%3A%2F%2Flocalhost%3A1234%2Foauth2&scopes%5B0%5D=openid
Request Method:
OPTIONS
Status Code:
204 No Content
Request URL:
http://localhost/v1/account/sessions/oauth2/oidc?success=http%3A%2F%2Flocalhost%3A1234%2F&failure=http%3A%2F%2Flocalhost%3A1234%2Foauth2&scopes%5B0%5D=openid
Request Method:
GET
Status Code:
301 Moved Permanently
No response is found for the following request:
https://oauth.provider/oauth/v2/authorize?client_id=123344567889920%40dev&redirect_uri=http%3A%2F%2Flocalhost%2Fv1%2Faccount%2Fsessions%2Foauth2%2Fcallback%2Foidc%2Fgrid-saas-dev&state=%7B%22success%22%3A%22http%3A%5C%2F%5C%2Flocalhost%3A1234%5C%2F%22%2C%22failure%22%3A%22http%3A%5C%2F%5C%2Flocalhost%3A1234%5C%2Foauth2%22%2C%22token%22%3Afalse%7D&scope=openid+profile+email&response_type=code```
Any Idea what could be causing the issue?

Is https://oauth.provider
the actual domain, or have you censored it?

I censored the domain. But it's a zitadel instance. I can provide additional info privately if needed.
Recommended threads
- User Authentication through REST API
Hey everyone, I’m looking for some guidance on the best way to authenticate frontend requests to my API gateway using Appwrite sessions. Right now, I'm trying ...
- Custom domain issue
Hello following another post I'm creating dedicated post according to my project ID: 67ffbd800010958ae104 I deployed for debug my React Native app in web, chrom...
- Problem for certificate
Good evening! I installed Appwrite on my hosting via Docker Compose. Then I set up the .env configuration. But for some reason it does not support HTTPS, when l...
