blumeops/docs/changelog.d/heph-pwa-redirect-uris.infra.md at 3660b659813d25c2bd01746bb6a67f03fb6a8cf8

Erich Blume 3660b65981 heph Authentik: register heph-pwa redirect URIs for PKCE login

The heph-pwa browser login (hephaestus PR #9) uses Authorization Code + PKCE,
which redirects back to the app origin. Register https://heph.ops.eblu.me/ (and
http://localhost:8787/ for dev) on the heph provider; Authentik also keys
token-endpoint CORS off these origins.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-05 07:27:00 -07:00

294 B

Raw Blame History

Registered the heph-pwa redirect URIs (https://heph.ops.eblu.me/, plus http://localhost:8787/ for dev) on the Authentik heph OAuth2 provider, enabling the PWA's new Authorization Code + PKCE "Login with Authentik" flow (and the token-endpoint CORS it needs). Pairs with hephaestus PR #9.

294 B Raw Blame History

294 B

Raw Blame History