URI RegEx Validator

199 views
Skip to first unread message

Cornelia Lahnsteiner

unread,
Apr 1, 2021, 8:20:13 AM4/1/21
to Keycloak Dev
Hi all,

currently Keycloak supports only wildcards at the end of the URI as valid redirect URIs for clients - with the good argument that the URIs should be defined as specific as feasible, see [1].
However, as one of our clients has a very long list of redirect URIs in form of RegExes, we have to implement the support of RegEx validation in Keycloak. Otherwise we would have to define "https://*" as a valid redirect URI, which is a much higher security risk than the RegEx validation.

Question @all: Is this a feature the community or Keycloak would also be interested in?

Thanks,
Cornelia


Reply all
Reply to author
Forward
0 new messages