lyft / confidant

Confidant: your secret keeper. https://lyft.github.io/confidant

Incorrect Google auth redirect URL when using proxy

tomasj opened this issue · comments

Using the docker-compose installation method, I've successfully installed a new Confidant instance. Confidant listens on port 1234 and the URL confidant.mydomain.com is proxied to this port; it works like a charm.

The problem is that after a successful Google login, the user gets redirected to localhost:1234. Instead, the user should be redirected to confidant.mydomain.com or confidant.mydomain.com/v1/login.

It seems like there is no way to change this behavior. There used to be a deprecated REDIRECT_URI var, which apparently does nothing :-)

The relevant part of my env vars looks like this:

      - USER_AUTH_MODULE=google
      - SAML_CONFIDANT_URL_ROOT=https://confidant.mydomain.com
      - REDIRECT_URI=https://confidant.mydomain.com
      - GOOGLE_OAUTH_CLIENT_ID=....apps.googleusercontent.com
      - GOOGLE_OAUTH_CONSUMER_SECRET=...
      - USER_EMAIL_SUFFIX=@mydomain.com
      - AUTHOMATIC_SALT=...

Thank you Ryan, works great now!

For future reference, I just set a bunch of forwarding headers in my NGINX config:

    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host:$server_port;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_pass http://my-internal-hostname:1234/;
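
Why the forwarding headers change the redirect target, shown as an added stdlib-only example (not code from this thread or from Confidant): a WSGI backend builds its URL root from the request it sees, so it honours `X-Forwarded-Proto` and `X-Forwarded-Host` only when the peer is the proxy and the host is an expected name. The proxy address `10.0.0.5` and the names `external_root` and `sample_environ` are assumptions made for the illustration.

```python
from wsgiref.util import application_uri

TRUSTED_PROXIES = {"10.0.0.5"}              # assumption: the NGINX proxy's address
ALLOWED_HOSTS = {"confidant.mydomain.com"}  # public name used in the post
DEFAULT_PORTS = {"http": "80", "https": "443"}


def _last(value):
    """Value appended by the nearest proxy in a comma-separated header."""
    return value.split(",")[-1].strip()


def external_root(environ):
    """URL root a WSGI app should use when building an OAuth redirect URL."""
    env = dict(environ)
    # Forwarded headers are client-controlled unless they come from the proxy.
    if env.get("REMOTE_ADDR") in TRUSTED_PROXIES:
        proto = _last(env.get("HTTP_X_FORWARDED_PROTO", ""))
        host, _, port = _last(env.get("HTTP_X_FORWARDED_HOST", "")).partition(":")
        if proto in DEFAULT_PORTS and host.lower() in ALLOWED_HOSTS:
            env["wsgi.url_scheme"] = proto
            # Drop a default port so the URL matches the registered redirect URI.
            keep_port = port and port != DEFAULT_PORTS[proto]
            env["HTTP_HOST"] = f"{host}:{port}" if keep_port else host
    return application_uri(env)


def sample_environ(remote_addr, **headers):
    """Constructed request as the backend on port 1234 would see it."""
    env = {"wsgi.url_scheme": "http", "SERVER_NAME": "localhost",
           "SERVER_PORT": "1234", "HTTP_HOST": "localhost:1234",
           "SCRIPT_NAME": "", "REMOTE_ADDR": remote_addr}
    env.update(headers)
    return env


if __name__ == "__main__":
    fwd = {"HTTP_X_FORWARDED_PROTO": "https",
           "HTTP_X_FORWARDED_HOST": "confidant.mydomain.com:443"}
    print(external_root(sample_environ("10.0.0.5")))            # proxy sends no headers
    print(external_root(sample_environ("10.0.0.5", **fwd)))     # proxy sends headers
    print(external_root(sample_environ("203.0.113.9", **fwd)))  # untrusted peer
```

If the backend port is reachable by anything other than the proxy, forwarded headers from those peers should be ignored as above, since they would otherwise steer the post-login redirect.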