Mandatory redirect_uri
for OpenID Connect Flows
Starting no sooner than August 1st, 2024, Ory Network will enforce the inclusion of redirect_uri
in OpenID Connect flow
requests. This update aligns with OpenID Connect specifications.
Previous Behavior
You could omit the redirect_uri
parameter:
/oauth2/auth?scope=openid&client=1234
New Requirement
You must include the redirect_uri
parameter:
/oauth2/auth?scope=openid&client=1234&redirect_uri=https://...
Action Required
- Update your OpenID Connect flow requests to include
redirect_uri
. - If you depend on data pending removal, contact us via Zendesk, Slack, or email to support@ory.sh.
For any questions or further assistance, please reach out to our support channels.