URI RegEx Validator

[Cornelia Lahnsteiner]

Hi all,

currently Keycloak supports only wildcards at the end of the URI as valid redirect URIs for clients - with the good argument that the URIs should be defined as specific as feasible, see [1].

However, as one of our clients has a very long list of redirect URIs in form of RegExes, we have to implement the support of RegEx validation in Keycloak. Otherwise we would have to define "https://*" as a valid redirect URI, which is a much higher security risk than the RegEx validation.

Question @all: Is this a feature the community or Keycloak would also be interested in?

Thanks,

Cornelia

[1]: https://www.keycloak.org/docs/latest/server_admin/#_unspecific-redirect-uris