EVE Technology Lab


SSO Callback URLs with # characters in are invalid

Author
Olixia Castitatis
Beyond Divinity Inc
Shadow Cartel
#1 - 2014-10-25 18:31:40 UTC  |  Edited by: Olixia Castitatis
Hi,

I am trying to implement single sign-on. I've got it all working, except I've hit a snag. I tried to change my callback URL from:


[[domain]]/shdwc-route-finder-uat/


to

[[domain]]/shdwc-route-finder-uat/#/login-return


(Note: [[domain]] is replaced by a real domain in reality. I don't want to post the URL of my site on a public forum quite yet.)

Then I send the user to the SSO link:


https://sisilogin.testeveonline.com/oauth/authorize/?response_type=code
&redirect_uri=[[domain]]/shdwc-route-finder-uat/#/login-return
&client_id=4f25b205bcb84aaf9c9b5d20d3a57156
&scope=&state=


However, this resulted in the server giving me this error message when I go to the SSO link:


{"error":"invalid_request", "error_description":"Some parameters are either missing or invalid"}


I wondered for a moment if perhaps the SSO application system was caching old callback URLs, so I tried changing the callback URL defined for my application to:


[[domain]]/shdwc-route-finder-uat/login-return


and this works! So I think something in the system (probably the validator handling requests reaching the SSO link) is incorrectly rejecting requests if `redirect_url` has a # in it.

I wonder if it would be possible to fix this issue? It's possible for me to work around it, but I'd rather keep the current format if possible.
Ydnari
Estrale Frontiers
#2 - 2014-10-25 20:47:14 UTC
You'll need to urlencode the # if that's literally the URI you are sending the client to: replace it with %23; otherwise client_id, scope and state won't even make it to the OAuth server, as they're in a fragment.

--
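The failure Ydnari describes, shown as an added example that is not part of the original thread: the first builder pastes the callback in raw (as in post #1), so everything after the `#` becomes a URL fragment that the browser never sends; the second percent-encodes every parameter, turning `#` into `%23`. The domain, client_id and state values are constructed placeholders, and `params_seen_by_server` stands in for the authorization server's parsing of the request.

```python
from urllib.parse import urlsplit, parse_qs, urlencode

AUTHORIZE_ENDPOINT = "https://sisilogin.testeveonline.com/oauth/authorize/"
# Constructed placeholders; the real domain and client_id belong to the app owner.
REDIRECT_URI = "https://example.invalid/shdwc-route-finder-uat/#/login-return"
CLIENT_ID = "CLIENT_ID_PLACEHOLDER"
REQUIRED = ("response_type", "redirect_uri", "client_id")


def build_authorize_url_naive(redirect_uri, client_id, state):
    """Mirror the original construction: redirect_uri concatenated unencoded."""
    return (f"{AUTHORIZE_ENDPOINT}?response_type=code"
            f"&redirect_uri={redirect_uri}&client_id={client_id}"
            f"&scope=&state={state}")


def build_authorize_url(redirect_uri, client_id, state):
    """Percent-encode each value; '#' becomes %23 and stays inside the query."""
    params = {
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "scope": "",
        "state": state,
    }
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(params)}"


def params_seen_by_server(url):
    """Return the query parameters a server receives.

    A browser strips the fragment (everything after the first '#') before
    sending the request, so only the query component reaches the server.
    """
    parts = urlsplit(url)
    parsed = parse_qs(parts.query, keep_blank_values=True)
    return {key: values[0] for key, values in parsed.items()}


def missing_required(params):
    """Name the parameters a validator would reject the request for lacking."""
    return [name for name in REQUIRED if name not in params]


if __name__ == "__main__":
    for builder in (build_authorize_url_naive, build_authorize_url):
        seen = params_seen_by_server(builder(REDIRECT_URI, CLIENT_ID, "s1"))
        print(builder.__name__, seen.get("redirect_uri"), missing_required(seen))
```

The unencoded form reaches the server with `redirect_uri` truncated at the `#` and with `client_id` missing entirely, which matches the "missing or invalid" error in post #1; the encoded form delivers all five parameters and a `redirect_uri` that still matches the registered callback.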

Olixia Castitatis
Beyond Divinity Inc
Shadow Cartel
#3 - 2014-10-25 23:14:14 UTC
Ydnari wrote:
You'll need to urlencode the # if that's literally the URI you are sending the client to: replace it with %23; otherwise client_id, scope and state won't even make it to the OAuth server, as they're in a fragment.


Oh nice, thanks. I didn't consider that.