Invalid redirect_uri

13424
17
03-17-2016 07:25 AM
SharonMeier
New Contributor III

Is anyone familiar with Error: 400 (Invalid redirect_uri)?   I have installed ArcGIS Server 10.4, GeoEvent Extension 10.4, Portal 10.4 and the ArcGIS DataStore, as well as web adapters.   Have federated portal and server, and set my server as the hosting server in Portal.  However, when I try to launch GeoEvent Manager I receive this Invalid redirect_uri error. 

0 Kudos
17 Replies
DennisGeasan
Occasional Contributor II

Hi Sharon,

I find the easiest way to get to 10.4 GEE Manager running on a federated AGS is from another machine on your network.

If accessing GEE manager on the machine it is running on, IE comes up blank, Chrome yields Error 400, or 500 if you use a Portal Token.  Firefox eventually works but you have to import the SSL certificates from both AGS and Portal.

DG

KennethOGuinn
New Contributor III

I have found that this is normally as a result of registering the web adaptor with Portal via one URL, and accessing it via another.

For example you browse to https://internalmachine.domain.com/portal and register your web adaptor with Portal.

Then you try to access the Portal via https://dnsalias.domain.com/portal. As a result the Portal basically says "hey, I was told to the web adaptor was at https://internalmachinename.domain.com/portal, but I see a connection coming from https://dnsalias.domain.com/portal, and I was never told to trust that URL,  better be safe than sorry; invalid_uri redirect 400"

The easiest way I've found to resolve the issue is to unregister the web adaptor from Portal, and then in your browser with the URL you intend to access portal through like https://dnsalias.domain.com/portal, re-register it with portal. At that point Portal knows to trust the web adaptor from that location.

Please note that if you do unregister the Web Adaptor you will not be able to access your Portal via the web adaptor for the duration of it being unregistered.

This is a somewhat common issue for Esri Support Services, so if you have access to support, I'm sure they can walk you through the process of sorting this out.

If not, here is the documentation on how to unregister a web adaptor.

Unregistering ArcGIS Web Adaptor with Portal for ArcGIS—Installation Guides (10.4) | ArcGIS for Ser...

Here is the follow up doc on how to register it again.

Configure ArcGIS Web Adaptor—Installation Guides (10.4) | ArcGIS for Server

Hope this helps!

Ken O.

SimonJackson
Occasional Contributor III

Hi Kenneth OGuinn Thanks for this advice.  However, how about this scenario...

Any ideas on how to get around this?  Really appreciate any help or pointers you can provide.
I saw a bug at 10.3​ (fixed at 10.4) which suggests that this should be possible, I just imagine I need to make some additional config changes.

BUG-000092043 : The GeoEvent Processor in a federated ArcGIS for Server and Portal for ArcGIS environment does not allow users to login to environments which utilizes a DNS name for their Portal site.

DebendraBiswas1
New Contributor III

Hi @SimonJackson ,

Just want to know, did you ever get this resolved, I am stuck with same situation.

0 Kudos
JiaLiu1
New Contributor III

Hi DebendraBiswas1, Did you find the answer? I'm stuck, too.

0 Kudos
DebendraBiswas1
New Contributor III

Hi @JiaLiu1 

My issue was that, whenever I was federating ArcGIS server, the ArcGIS server itself along with GeoEvent Manager were redirecting to portal login page and  in a flick of a second redirecting to Error: 400 (Invalid redirect_uri) page.

My issue got resolved by updating the portal Web Adaptor URL from fully qualified domain name to internal server like https://hostname:7443/arcgis

Note that, you do not have to unregister the portal from web adaptor, you can just add /edit at the end of the url which will allow you to edit the configuration

https://<hostname>/portal/portaladmin/system/webadaptors/7658bc2b-45ca-4516-8252-e3440774b5c6/edit

PortalWebAdaptor.png

 

 

 

Hope this helps.

 

Cheers

Debendra

0 Kudos
JiaLiu1
New Contributor III

Hi Debendra, Many thanks for the quick response. My issue is different then. My setup is an Azure VM. In the Azure VM, I can get to GeoEvent Server through https://machinename:6143/geoevent/manager but get "This site can't be reached when I use https://fqdn:6143/geoevent/manager in the VM and from another machine. My understanding is for streaming services, I'll need the latter to work. The 6143 port is open in the VM. I don't what else I'm missing.

0 Kudos
DebendraBiswas1
New Contributor III

Hi @JiaLiu1 

Apologies for getting it wrong. 

Regarding accessing GeoEvent manager from outside machine using FQDN, may I ask you what do you mean by opening the port..?  Is this through window's firewall or  you have configured an inbound rule to listen on port 6143. ?

 

Regards

DebendraInboundRule.png

 

 

0 Kudos
JiaLiu1
New Contributor III

Hi Debendra, I have similar setup as in your screenshot of the Azure VM Networking for port 6143. I don't think it's Windows Firewall, as in the VM I can access GeoEvent Manager using machinename:6143 but not fqdn:6143.  Am I wrong?

0 Kudos