starred/pocket-id-pocket-id-2
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-11 07:32:57 +03:00
Code Issues 116 Packages Projects Releases 10 Wiki Activity

🐛 Bug Report: Pocket-ID not working for internal applications #430

New Issue
Closed
opened 2025-10-09 16:46:06 +03:00 by OVERLORD · 12 comments
OVERLORD commented 2025-10-09 16:46:06 +03:00
Owner
Copy Link

Originally created by @khaleddost on GitHub.

Reproduction steps

I have my Pocket-ID instance setup and working through TLS at auth.example.tld and I am able to sign into my public services such as nextcloud.example.tld

However, when I try to setup Pocket-ID to work for my portainer instance, at https://portainer:9443, it doesn’t work. What am i doing wrong?

Expected behavior

Sign in using SSO

Actual Behavior

It says “Invalid callback URL”

Originally created by @khaleddost on GitHub. ### Reproduction steps I have my Pocket-ID instance setup and working through TLS at auth.example.tld and I am able to sign into my public services such as nextcloud.example.tld However, when I try to setup Pocket-ID to work for my portainer instance, at https://portainer:9443, it doesn’t work. What am i doing wrong? ### Expected behavior Sign in using SSO ### Actual Behavior It says “Invalid callback URL”
OVERLORD added the bug label 2025-10-09 16:46:06 +03:00
OVERLORD commented 2025-10-09 16:46:09 +03:00
Author
Owner
Copy Link

@kmendell commented on GitHub:

is the 'docker' hostname set in dns anywhere ? does pocket id know how to get to it and vise versa? can you try to use the full ip address and see if that works? just a curious test

From: khaleddost @.>
Sent: Monday, January 13, 2025 2:32:33 PM
To: stonith404/pocket-id @.>
Cc: Kyle Mendell @.>; Comment @.>
Subject: Re: [stonith404/pocket-id] 🐛 Bug Report: Pocket-ID not working for internal applications (Issue #109)

The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443


Reply to this email directly, view it on GitHubhttps://github.com/stonith404/pocket-id/issues/109#issuecomment-2588136221, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AGDEMB6SZ6QCUT6U47RO4VD2KQPGDAVCNFSM6AAAAABVCQCAU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKOBYGEZTMMRSGE.
You are receiving this because you commented.Message ID: @.***>

@kmendell commented on GitHub: is the 'docker' hostname set in dns anywhere ? does pocket id know how to get to it and vise versa? can you try to use the full ip address and see if that works? just a curious test ________________________________ From: khaleddost ***@***.***> Sent: Monday, January 13, 2025 2:32:33 PM To: stonith404/pocket-id ***@***.***> Cc: Kyle Mendell ***@***.***>; Comment ***@***.***> Subject: Re: [stonith404/pocket-id] 🐛 Bug Report: Pocket-ID not working for internal applications (Issue #109) The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443 — Reply to this email directly, view it on GitHub<https://github.com/stonith404/pocket-id/issues/109#issuecomment-2588136221>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AGDEMB6SZ6QCUT6U47RO4VD2KQPGDAVCNFSM6AAAAABVCQCAU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKOBYGEZTMMRSGE>. You are receiving this because you commented.Message ID: ***@***.***>
OVERLORD commented 2025-10-09 16:46:09 +03:00
Author
Owner
Copy Link

@kmendell commented on GitHub:

Portainer's callback url should just be the instance URL ie: https://portainer.example.com/

Im curious if the Self signed Cert (im assuming) may be causing issues as well , just a idea though.

@kmendell commented on GitHub: Portainer's callback url should just be the instance URL ie: https://portainer.example.com/ Im curious if the Self signed Cert (im assuming) may be causing issues as well , just a idea though.
OVERLORD commented 2025-10-09 16:46:10 +03:00
Author
Owner
Copy Link

@Brandawg93 commented on GitHub:

I'm having a similar issue using Audiobookshelf. In my particular issue, I have the protocol for the callback url as https://. When I look in the sqlite db for pocket-id, it also shows https://. But when I go to my Audiobookshelf instance (https://abs.example.tld), the redirect_uri has protocol http://. Not sure where this is getting switched, but it seems like it's on the client side.

@Brandawg93 commented on GitHub: I'm having a similar issue using [Audiobookshelf](https://www.audiobookshelf.org). In my particular issue, I have the protocol for the callback url as `https://`. When I look in the sqlite db for pocket-id, it also shows `https://`. But when I go to my Audiobookshelf instance (https://abs.example.tld), the redirect_uri has protocol `http://`. Not sure where this is getting switched, but it seems like it's on the client side.
OVERLORD commented 2025-10-09 16:46:10 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Which callback URL did you enter?

Also can you share the full URL of the page where the "Invalid callback URL" error gets shown?

@stonith404 commented on GitHub: Which callback URL did you enter? Also can you share the full URL of the page where the "Invalid callback URL" error gets shown?
OVERLORD commented 2025-10-09 16:46:10 +03:00
Author
Owner
Copy Link

@khaleddost commented on GitHub:

The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443

@khaleddost commented on GitHub: The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443
OVERLORD commented 2025-10-09 16:46:12 +03:00
Author
Owner
Copy Link

@Brandawg93 commented on GitHub:

OMG. You're awesome! Thanks for the quick response!

@Brandawg93 commented on GitHub: OMG. You're awesome! Thanks for the quick response!
OVERLORD commented 2025-10-09 16:46:13 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

If the redirect_uri URL param starts with http but https is expected, the client (in your case Audiobookshelf) is the issue. If you can't solve the issue you can just add the http URL as a second callback URL.

@stonith404 commented on GitHub: If the `redirect_uri ` URL param starts with `http` but `https` is expected, the client (in your case Audiobookshelf) is the issue. If you can't solve the issue you can just add the `http` URL as a second callback URL.
OVERLORD commented 2025-10-09 16:46:13 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Like I said, please share the full URL of the page where the "Invalid callback URL" error gets shown.

@stonith404 commented on GitHub: Like I said, please share the full URL of the page where the "Invalid callback URL" error gets shown.
OVERLORD commented 2025-10-09 16:46:13 +03:00
Author
Owner
Copy Link

@khaleddost commented on GitHub:

is the 'docker' hostname set in dns anywhere ? does pocket id know how to get to it and vise versa? can you try to use the full ip address and see if that works? just a curious test

________________________________ From: khaleddost @.> Sent: Monday, January 13, 2025 2:32:33 PM To: stonith404/pocket-id @.> Cc: Kyle Mendell @.>; Comment @.> Subject: Re: [stonith404/pocket-id] 🐛 Bug Report: Pocket-ID not working for internal applications (Issue #109) The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443 — Reply to this email directly, view it on GitHub<#109 (comment)>, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AGDEMB6SZ6QCUT6U47RO4VD2KQPGDAVCNFSM6AAAAABVCQCAU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKOBYGEZTMMRSGE. You are receiving this because you commented.Message ID: @.***>

I tried setting it to the IP of the machine (I’m using Tailscale IP because the machines are in two different locations but they are able to ping each other)

I still get the same error. Invalid callback url

@khaleddost commented on GitHub: > is the 'docker' hostname set in dns anywhere ? does pocket id know how to get to it and vise versa? can you try to use the full ip address and see if that works? just a curious test > […](#) > ________________________________ From: khaleddost ***@***.***> Sent: Monday, January 13, 2025 2:32:33 PM To: stonith404/pocket-id ***@***.***> Cc: Kyle Mendell ***@***.***>; Comment ***@***.***> Subject: Re: [stonith404/pocket-id] 🐛 Bug Report: Pocket-ID not working for internal applications (Issue #109) The callback URL I’m using is the instance itself, per the portainer instructions which in my case is https://docker:9443 — Reply to this email directly, view it on GitHub<[#109 (comment)](https://github.com/stonith404/pocket-id/issues/109#issuecomment-2588136221)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AGDEMB6SZ6QCUT6U47RO4VD2KQPGDAVCNFSM6AAAAABVCQCAU6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDKOBYGEZTMMRSGE>. You are receiving this because you commented.Message ID: ***@***.***> I tried setting it to the IP of the machine (I’m using Tailscale IP because the machines are in two different locations but they are able to ping each other) I still get the same error. Invalid callback url
OVERLORD commented 2025-10-09 16:46:15 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

I'm closing this issue because this isn't a bug. But feel free to still comment here so we can get it working.

@stonith404 commented on GitHub: I'm closing this issue because this isn't a bug. But feel free to still comment here so we can get it working.
OVERLORD commented 2025-10-09 16:46:16 +03:00
Author
Owner
Copy Link

@khaleddost commented on GitHub:

Like I said, please share the full URL of the page where the "Invalid callback URL" error gets shown.

https://auth.dostzada.com/authorize?response_type=code&client_id=a30ad863-a0c8-4dd8-bfe1-0f53cb078eff&redirect_uri=https://100.122.39.33:9443/&scope=openid%20email%20profile%20groups&state=04756c89-42f3-4006-bc02-5fce2c78cb36

@khaleddost commented on GitHub: > Like I said, please share the full URL of the page where the "Invalid callback URL" error gets shown. https://auth.dostzada.com/authorize?response_type=code&client_id=a30ad863-a0c8-4dd8-bfe1-0f53cb078eff&redirect_uri=https://100.122.39.33:9443/&scope=openid%20email%20profile%20groups&state=04756c89-42f3-4006-bc02-5fce2c78cb36
OVERLORD commented 2025-10-09 16:46:16 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

@khaleddost The sent callback URL is "https://100.122.39.33:9443/". You either have to add this callback URL to Pocket ID or configure your client that it sends another callback URL.

@stonith404 commented on GitHub: @khaleddost The sent callback URL is "https://100.122.39.33:9443/". You either have to add this callback URL to Pocket ID or configure your client that it sends another callback URL.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-2#430
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?