Description
Preflight Checklist
- I could not find a solution in the documentation, the existing issues or discussions
- I have joined the ZITADEL chat
Version
No response
Describe the problem caused by this bug
When going through an SSO flow triggered by the authorizer endpoint with a scope pointing to an external IDP, the flow is successful up until the last step, where Zitadel redirects back to localhost:3000 instead of the origin where the auth service is hosted.
To reproduce
- Set up Zitadel with custom login referring to this auth app
- Set up an external IDP
- Trigger an authorization flow setting the scope to urn:zitadel:iam:org:idp:id:{idp_id}
- See that you are eventually redirected back to localhost:3000
Screenshots
Expected behavior
Instead of redirecting back to localhost:3000, you should be redirected back to the custom login host.
Relevant Configuration
I didn't see any configuration related to setting the public origin for the host
Additional Context
It seems to be sourcing the origin here. For us, we ended up replacing this line with a configured env var that we set to the correct origin instead. I wasn't able to find within the Next.js documentation how to configure this value, nor do I think it is something that could be derived by Next.js anyway.
typescript/apps/login/src/app/login/route.ts
Line 189 in 6c7fa73
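
The workaround described in the report, an operator-configured origin used in place of the request-derived one, sketched as an added TypeScript example; it is not the ZITADEL login app's code or the reporter's patch. The function names and the `PUBLIC_ORIGIN`-style setting are hypothetical, and the caller is assumed to read the configured value from the environment and pass it in.

```typescript
// Added example. Function names and the PUBLIC_ORIGIN-style setting are
// hypothetical; they are not taken from the ZITADEL login app.

// Returns the origin to use for redirects back to the login UI.
// `configured` is the operator-set value (e.g. read from an env var);
// `requestUrl` is the URL the framework reports for the incoming request.
function resolvePublicOrigin(configured: string | undefined, requestUrl: string): string {
  if (configured === undefined || configured.trim() === "") {
    // No configuration: fall back to what the request reports. Behind a
    // reverse proxy this is where an internal value like localhost:3000 shows up.
    return new URL(requestUrl).origin;
  }
  const parsed = new URL(configured.trim()); // throws on a non-absolute value
  if (parsed.protocol !== "https:" && parsed.protocol !== "http:") {
    throw new Error("public origin must be http(s): " + configured);
  }
  const hasExtras =
    parsed.pathname !== "/" || parsed.search !== "" || parsed.hash !== "" ||
    parsed.username !== "" || parsed.password !== "";
  if (hasExtras) {
    throw new Error("public origin must be scheme://host[:port] only: " + configured);
  }
  return parsed.origin;
}

// Builds the final redirect target on the resolved origin and refuses any
// path that would resolve to a different origin.
function buildLoginRedirect(origin: string, pathAndQuery: string): string {
  const target = new URL(pathAndQuery, origin);
  if (target.origin !== origin) {
    throw new Error("redirect target leaves the public origin: " + pathAndQuery);
  }
  return target.toString();
}
```

Failing at startup on a malformed configured value surfaces a misconfiguration before any user reaches the last step of the SSO flow.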