Hello, We need to add Authentication to the AbpHangfireDashboard We are using abp separated auth , API and angular I follow the documnetation to add Cooki Authorization context.Services.AddAuthentication() .AddCookie("Cookies") .AddOpenIdConnect("oidc", options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata"); options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
options.ClientId = configuration["AuthServer:ClientId"];
options.ClientSecret = configuration["AuthServer:ClientSecret"];
options.UsePkce = true;
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("roles");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("MyProjectName");
});
but when I run the project give me this Error error:invalid_request error_description:The specified 'redirect_uri' is not valid for this client application. error_uri:https://documentation.openiddict.com/errors/ID2043 culture:en ui-culture:en
Kindly provide me with all client setting because the documentation didn't mention about the client settings or grant type in order to Authenticate the /hangefire
9 Answer(s)
-
0
To resolve the "invalid_request" and "redirect_uri is not valid for this client application" error when authenticating the ABP Hangfire Dashboard with OpenIdConnect, you must ensure that your AuthServer (OpenIddict) client configuration matches the redirect URI used by your API project.
Here are the required steps:
Determine the Redirect URI
- The redirect URI for Hangfire dashboard authentication is typically:
https://<your-api-host>/signin-oidc - This must match exactly (including protocol, port, and path) in both your API project and the AuthServer client configuration.
- The redirect URI for Hangfire dashboard authentication is typically:
Configure the OpenIddict Client (in AuthServer)
- In your OpenIddict client (usually in the
OpenIddictApplicationstable or via data seed), ensure:- The
RedirectUriincludes your API's/signin-oidcendpoint. - The
PostLogoutRedirectUri(optional) matches your logout redirect. - The
GrantTypesincludeauthorization_code(and optionallyhybridif needed). - The
PermissionsincludeEndpoints.Authorization,Endpoints.Token,GrantTypes.AuthorizationCode,ResponseTypes.CodeIdToken, and all required scopes (e.g.,roles,email,phone,MyProjectName).
- The
Example (if seeding via code):
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor { ClientId = "MyProjectName_Hangfire", ClientSecret = "YOUR_SECRET", DisplayName = "Hangfire Dashboard", PostLogoutRedirectUris = { "https://<your-api-host>/" }, RedirectUris = { "https://<your-api-host>/signin-oidc" }, Permissions = { Permissions.Endpoints.Authorization, Permissions.Endpoints.Token, Permissions.GrantTypes.AuthorizationCode, Permissions.ResponseTypes.CodeIdToken, Permissions.Scopes.Email, Permissions.Scopes.Profile, Permissions.Scopes.Roles, "MyProjectName" }, Requirements = { Requirements.Features.ProofKeyForCodeExchange } });- In your OpenIddict client (usually in the
Update appsettings.json in API Project
"AuthServer": { "Authority": "https://<your-auth-server-host>", "ClientId": "MyProjectName_Hangfire", "ClientSecret": "YOUR_SECRET", "RequireHttpsMetadata": "true" }Clear Cache
- If you use Redis or another cache, clear it after updating the client settings.
Restart All Services
- Restart AuthServer and API projects to ensure new settings are loaded.
Test
- Navigate to
/hangfire. You should be redirected to the AuthServer login, and after authentication, returned to the dashboard.
- Navigate to
If you still get the error, double-check that the redirect URI in the error message matches exactly what is registered in your OpenIddict client.
Sources:
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
hi
Please share full http request logs(
logs.txt).We need to confirm the
client idandredirect_uriThanks.
-
0
I updatesd the Redirect URi to : ["https://localhost:44349/signin-oidc"] now redirect to login page but after I entered the credincia and logged in the page not return to the hangefire it is enter in a loop and page still loading Auth server url: https://localhost:44371
https://localhost:44371/connect/authorize?client_id=SmartClinicPro_HangeFire&redirect_uri=https%3A%2F%2Flocalhost%3A44349%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20SmartClinicPro&response_mode=form_post&nonce=638853180483794824.ZTNjMDc0OTAtMWE2My00ZjE4LWEwNjMtMjE4N2YyNTQ4MDI5MWM0NWQzYzUtODQ1NC00NDhmLTk4YjMtMzc4Njk3OWJjNzY1&state=CfDJ8CsR7lfmb1dNrxhuAn0fof7e1GXEb5NBASVG61OVD1_kwMVd34x_Xa1bYIGVQ1oGTa1hEyXsXtRk694MXUP3gaURhRawDxEGHNCQDlvGGgl3HHc9T2UhACukLFB5-gNDScoDoosQRovetQIjX0fZYC4WUMr_zS9K8dBZGMRzvn20k-Sc39i3_zHiXWZoMYYuQsoMcfcutdflgCYgYT6Luu-NGcc_-JUEtm7f4tHyIhpT0Crq4t5xbh2b7TcA6lKFzTwOkO3rE0uqbLE8p53pGLk8NqDuyeFGtSgZAvC08bnC9mMkuCkYN_Z0L6fCAl6Tyw&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0
and this is the last logs 2025-06-12 13:44:15.982 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:15.984 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 4.2466ms 2025-06-12 13:44:16.159 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.161 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.161 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:16.351 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:16.353 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 193.6292ms 2025-06-12 13:44:16.358 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:16.361 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:16.365 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 6.296ms 2025-06-12 13:44:16.546 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.547 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.547 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:16.740 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:16.741 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 195.7864ms 2025-06-12 13:44:16.746 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:16.748 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:16.750 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 3.971ms 2025-06-12 13:44:16.942 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:16.943 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:16.943 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:17.114 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:17.116 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 173.9596ms 2025-06-12 13:44:17.121 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:17.124 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:17.126 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 5.5092ms 2025-06-12 13:44:17.326 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:17.328 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:17.328 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource. 2025-06-12 13:44:17.547 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 13:44:17.550 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 223.8674ms 2025-06-12 13:44:17.554 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 13:44:17.556 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 13:44:17.558 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 3.5208ms 2025-06-12 13:44:17.742 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724 2025-06-12 13:44:17.743 +04:00 [INF] CORS policy execution failed. 2025-06-12 13:44:17.743 +04:00 [INF] Request origin https://localhost:44371 does not have permission to access the resource.
-
0
This is the last log 2025-06-12 14:51:34.287 +04:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-06-12 14:51:34.289 +04:00 [INF] Request finished HTTP/2 POST https://localhost:44349/signin-oidc - 302 null null 471.4384ms 2025-06-12 14:51:34.297 +04:00 [INF] Request starting HTTP/2 GET https://localhost:44349/hangfire - null null 2025-06-12 14:51:34.368 +04:00 [INF] AuthenticationScheme: oidc was challenged. 2025-06-12 14:51:34.376 +04:00 [INF] Request finished HTTP/2 GET https://localhost:44349/hangfire - 302 null null 78.6224ms 2025-06-12 14:51:34.600 +04:00 [INF] Request starting HTTP/2 POST https://localhost:44349/signin-oidc - application/x-www-form-urlencoded 1724
the problem the page still loading and not redirect to hangefire page it is stuck on this URL https://localhost:44371/connect/authorize?client_id=SmartClinicPro_HangeFire&redirect_uri=https%3A%2F%2Flocalhost%3A44349%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20roles%20email%20phone%20SmartClinicPro&response_mode=form_post&nonce=638853224287721216.M2EyYzJlMjUtMmM5Zi00MTJlLWI5MWUtNDViYWFjNmUyZWFiMjRkMDQyMzQtZjA4OS00MzQwLTgxMDEtZTY0YTU2NmRhOWI4&state=CfDJ8CsR7lfmb1dNrxhuAn0fof5v61ZVPkbjyuLPC9SaRtKNxwaiTJvhWZ_4w13npyJMF0nxOn8SV3uA5bZGjGeRz4RYmIGNRVLsImwLz6XjDuUiKbXzaf-8sIWcWMn4QdShAxz4_54QVL0t0c7ZHnG5Lqq7xwbznTxvbQzhSqj3MYQMRI5YOtlN6o5rGiRB-egFXX7ZQY0ybIuSx9qey9cBxl4jQcxetxk_gctFDPNOi0rYOgUYJUrTKnuDfT7WVh0AUTyMrmbMAVcwtKWNmiW4jr46s_SvqpJviWyt7MSyyH8y6dKfzZtuCSVN9G4tShxcTQ&x-client-SKU=ID_NET9_0&x-client-ver=8.1.0.0 and still loading
note : Auth is separated
-
0
hi
Can you share a test template project?
liming.ma@volosoft.com
Thanks.
-
0
Sorry I can't send a Template via email because the environment that developers work on it restricted
but you can share me one template that is working using Hangfire dashoard with separate OAuth because even on the new project template the dashboard not opening when I add authorization option to dashboard so please share a working solution with correct client configuration in order to follow it
-
0
hi
https://abp.io/support/questions/5167/Hangfire-Authorization-Problem#answer-3a0b888e-b47a-d13d-c030-80ce3f046997
-
0
hi
https://github.com/abpframework/abp/blob/1abef5a3984b15f04ee5bfbc7d6f8bb4999823b0/docs/en/Community-Articles/2025-06-20-Using-Hangfire-Dashboard-in-ABP-API-website/POST.md
-
0
https://abp.io/community/articles/using-hangfire-dashboard-in-abp-api-website--r32ox497#gsc.tab=0
