Hello everyone,
I am trying to set up Google authentication in Oracle APEX 19 using the Social Sign-In authentication scheme on a self-hosted instance. However, I am facing an issue with the redirect_uri generated by APEX.
Despite configuring my public domain (e.g., https://example.com) in the Google Cloud Console as the authorized redirect URI, the authentication request sent by APEX includes the following:
redirect_uri=http://127.0.0.1:8080/ords/apex_authentication.callback
This mismatch results in the following error:
Error 400: redirect_uri_mismatch
Access blocked: This app’s request is invalid.
Here are the steps I followed:
- Set up a new OAuth 2.0 Client ID in Google Cloud Console with the redirect URI
https://example.com/ords/apex_authentication.callback.
- Configured the Social Sign-In scheme in APEX with the correct Client ID and Client Secret.
- Tested the authentication flow, which failed with the error above.
Additional Details:
- The APEX instance is self-hosted and running behind a reverse proxy.
- I suspect the reverse proxy or ORDS configuration might be affecting the generated
redirect_uri, but I am unsure how to resolve this.
Questions:
- How does Oracle APEX determine the
redirect_uri for Social Sign-In, and why is it using 127.0.0.1:8080 instead of the public domain?
- Are there specific settings in APEX or ORDS to ensure the correct redirect URI is generated?
- What are the best practices for configuring APEX in a self-hosted environment with a reverse proxy to avoid such issues?
Any guidance or troubleshooting tips would be greatly appreciated!
Thank you in advance for your help.