Skip to main content

Mandatory redirect_uri for OpenID Connect Flows

Starting no sooner than August 1st, 2024, Ory Network will enforce the inclusion of redirect_uri in OpenID Connect flow requests. This update aligns with OpenID Connect specifications.

Previous Behavior

You could omit the redirect_uri parameter:

/oauth2/auth?scope=openid&client=1234

New Requirement

You must include the redirect_uri parameter:

/oauth2/auth?scope=openid&client=1234&redirect_uri=https://...

Action Required

  • Update your OpenID Connect flow requests to include redirect_uri.
  • If you depend on data pending removal, contact us via Zendesk, Slack, or email to support@ory.sh.

For any questions or further assistance, please reach out to our support channels.