It’s working fantastic going directly to the main domain, but it seems to be dropping the part in the URL after the #
i.e. clients are being redirected to https://DOMAIN/download/1cbf12345d67d890/ instead, which isn’t a valid link.
Hopefully this is something simple, maybe I’m missing a setting somewhere?
Are you trying to do a hash-based routing with this type of redirect URI?
I believe we don’t support fragments in the redirect URI. Which stems from
this OIDC specification: https://tools.ietf.org/html/rfc6749#section-3.1.2
It specifically says:
The endpoint URI MUST NOT include a fragment component.
It’s not a fragment or anchor, at least it’s not intended to be. I’m trying to put an openid auth on a proxy for a fork of Firefox Send, and it generates download links in that format. Looks like the # portion is supposed to be a decrypt key.
wonder if the # is just being dropped as an invalid character in the redirect then.