Hi all. We have two laptops with grafana on them that can SSO to keycloak with no issues. Here is the URL

https:///auth/realms/tenant/protocol/openid-connect/auth?
access_type=online
&client_id=grafana
&redirect_uri=http://localhost/login/generic_oauth
&response_type=code
&scope=openid+profile
&state=24xnN05tP76-SKMa-KW7JVT71jfBZzztC1ZCJ8Pe5_g%3D

but we have a server on Amazon cloud that always returns “Invalid Parameter: redirect_uri”

So far we tried:
private IP
public IP
DNS

In all cases we get HTTP 400

GET https:///auth/realms/tenant/protocol/openid-connect/auth?access_type=online
&client_id=grafana&redirect_uri=http:///login/generic_oauth
&response_type=code
&scope=openid profile
&state=4lbz3oX5LBwrVWjax2IDPu2XwYqlOkvYMgzHBk3XR8s=

Status
400
Bad Request
VersionHTTP/2
Transferred2.41 KB (1.96 KB size)
Referrer Policystrict-origin-when-cross-origin

nothing is reported on the grafana’s logs. The only obvious difference is “localhost” vs “IP or domain”

we are using the docker version of grafana OSS.

Any ideas?

The main issue was that I was using IPs instead of DNS and keycloak only work with DNS