How do I tell the auth server to allow React Native? I’m getting the following error message, which results in a 400 status from the auth server:
[17:43:38 INF] The request URI matched a server endpoint: Authorization. [17:43:38 INF] The authorization request was successfully extracted: { "code_challenge": "Bxxxxxxx_jOizOFD0mqQ1zH7lCiR_JGcsrWN0KrThqE", "code_challenge_method": "S256", "redirect_uri": "exp://192.168.0.21:19000/", "client_id": "ReactNative", "response_type": "code", "state": "QNwPeeEtds", "scope": "offline_access AuthServer IdentityService AdministrationService SaasService" }. [17:43:38 INF] Client validation failed because 'exp://192.168.0.21:19000/' was not a valid redirect_uri for ReactNative. [17:43:38 INF] The authorization request was rejected because the redirect_uri was invalid: 'exp://192.168.0.21:19000/'.
Is this only an issue when simulating/running Expo? What will it be like once we have a real app in the App Store/Play?
3 Answer(s)
-
0
To allow your React Native (Expo) app to authenticate with the ABP AuthServer, you must register the Expo redirect URI (e.g., exp://192.168.0.21:19000/) as a valid redirect URI for your client in the AuthServer configuration.
Step-by-step solution:
- Update OpenIddict/IdentityServer Client Configuration:
- Locate your client definition for "ReactNative" in your AuthServer's configuration (usually in
appsettings.json
underIdentityServer:Clients
or in your data seed contributor). - Add the Expo redirect URI to the list of allowed
redirect_uris
. For example:
- Locate your client definition for "ReactNative" in your AuthServer's configuration (usually in
"ReactNative": { "ClientId": "ReactNative", "ClientSecret": "your-secret", "RootUrl": "exp://192.168.0.21:19000/" }
- If you are seeding clients in code, ensure you add the redirect URI:
await CreateClientAsync( name: "ReactNative", scopes: commonScopes, grantTypes: new[] { "authorization_code" }, secret: "your-secret".Sha256(), requireClientSecret: false, redirectUri: "exp://192.168.0.21:19000/" );
Re-run the DbMigrator (or your seeding logic) to update the database with the new redirect URI.
Restart your AuthServer to ensure the new configuration is loaded.
Development vs. Production:
- The
exp://
scheme is specific to Expo and is only used during development. For production (App Store/Play Store), you will use a custom URI scheme (e.g.,myapp://callback
) or a universal link. You must register the production redirect URI in the same way.
- The
Summary:
The error occurs because the redirect URI used by Expo is not registered in your AuthServer. Add it to your client configuration for development. For production, register the appropriate redirect URI for your deployed app.Sources:
- https://abp.io/docs/latest/framework/ui/react-native/
- https://abp.io/community/articles/adzzfnji
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
- Update OpenIddict/IdentityServer Client Configuration:
-
0
But how do you handle different IP addresses, and what will it look like when deploying and running a real application on an iPhone/Android device?
-
0
hi
You can check this https://abp.io/support/questions/9777/AccountLogout-400-response-code---After-upgrading-from-822-to-911#answer-3a1bd776-69af-aee5-4dd0-b040e3923d16
Thanks.