Closed HansLarsen closed 1 month ago
Hi 👋
Did you correctly set the FORWARDED_ALLOW_IPS
environment variable on the Fief server?
The server generates absolute URL based on the incoming request. So, if the request has the host header example.com
, it'll generate URL with the example.com
host.
However, when behind a proxy like Nginx, the host will be the internal address (192.168.1.235:8000
in your case). For this to work, we need to trust the X-Forwarded-
headers from the proxy.
Read more: https://docs.fief.dev/self-hosting/configuration/ssl/#trust-reverse-proxy-headers
Describe the bug
When fief is redirecting back from the login page, to the admin page, it uses the local ip address instead of the FIEF_DOMAIN. I'm using nginx as a reverse proxy and i get the message "redirect_uri is not authorized for this client"
I'm a bit unsure if i'm doing something wrong, but this is the admin panel it comes with.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The redirect would use the FIEF_DOMAIN
Configuration
Additional context
Docker compose
nginx setup
FIEF_DOMAIN="auth.example.test" The redirect url:
http://auth.example.test/authorize?response_type=code&client_id=CGU40q_KKsJMRillsDWqWYKmZ5Lu017yxU7jgY6NYnU&redirect_uri=http%3A%2F%2F192.168.1.235%3A8000%2Fadmin%2Fauth%2Fcallback&scope=openid&screen=login