---
description: Enforces redirect URL rules for all OAuth and OIDC flows. Catches trailing-slash mismatches, scheme errors, and port mismatches before they cause auth failures.
alwaysApply: true
globs: ["**/*.{js,ts,py,go,java}"]
---
# Redirect URL Rules
All OAuth and OIDC flows in Scalekit require registered redirect URLs.
## Rules
- The `redirect_uri` parameter in authorization requests must exactly match a URL registered in the Scalekit dashboard.
- Register both development (`http://localhost:*`) and production (`https://`) redirect URLs.
- The `post_logout_redirect_uri` must also be allowlisted in the dashboard under Post Logout URLs.
- Never use wildcard redirect URLs in production.
## Common mistakes
- Trailing slash mismatch: `https://app.com/callback` vs `https://app.com/callback/`.
- Scheme mismatch: `http://` registered but `https://` used in code (or vice versa).
- Port mismatch in development: registering `:3000` but the app runs on `:3001`.
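
The three mistakes above can be caught before an authorization request is sent. The following is an added example, not part of the original rule file or of Scalekit's SDK: `diagnose_redirect_uri` is a hypothetical helper, and the registered URLs are constructed placeholders standing in for what is configured in the dashboard.

```python
from urllib.parse import urlsplit

# Constructed sample data: stands in for the URLs registered in the dashboard.
REGISTERED = [
    "https://app.example.com/callback",
    "http://localhost:3000/callback",
]


def diagnose_redirect_uri(candidate, registered=REGISTERED):
    """Return [] when candidate exactly matches a registered URL.

    Otherwise return the reasons it differs from the closest registered
    URL: "scheme", "port", "trailing-slash", "wildcard" or "unregistered".
    """
    if "*" in candidate:
        return ["wildcard"]
    if candidate in registered:  # exact string match is the only pass
        return []

    cand = urlsplit(candidate)
    for reg_url in registered:
        reg = urlsplit(reg_url)
        # Only compare against entries for the same host and the same
        # path once trailing slashes are ignored.
        if cand.hostname != reg.hostname:
            continue
        if cand.path.rstrip("/") != reg.path.rstrip("/"):
            continue
        issues = []
        if cand.scheme != reg.scheme:
            issues.append("scheme")
        if cand.port != reg.port:  # explicit ports only; None if absent
            issues.append("port")
        if cand.path != reg.path:
            issues.append("trailing-slash")
        if issues:
            return issues
    return ["unregistered"]


if __name__ == "__main__":
    for url in ("https://app.example.com/callback/",
                "http://app.example.com/callback",
                "http://localhost:3001/callback"):
        print(url, "->", diagnose_redirect_uri(url))
```
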
## Where to configure
- Scalekit Dashboard → Settings → Redirect URLs (for auth callbacks)
- Scalekit Dashboard → Settings → Post Logout URLs (for logout redirects)