[bug]: Cannot use OAuth2 OIDC over HTTPS behind a reverse proxy

[egormanga]

Is there an existing issue for this?

• I have searched the existing issues

Current behavior

Plane API uses request.is_secure to determine http vs https in the redirect URI, instead of just pasting request.scheme. Frontend already uses the correct scheme.

Steps to reproduce

1. Link to an OIDC provider (e.g. GitLab).
2. Try to log in using it.
3. Get “Invalid redirect URI” error from the provider.
   The redirect_uri parameter will start with http://.

Environment

Production

Browser

None

Variant

Self-hosted

Version

v1.0.0

[pablohashescobar]

@egormanga, if the scheme is passed as https to the Plane server the request.is_secure should return true, can you check if the proxy server is correctly passing request scheme to plane. Please refer here for templates for different reverse proxies.

[makeplane]

Synced with Plane Workspace 🔄

[GIT-1] [bug]: Cannot use OAuth2 OIDC over HTTPS behind a reverse proxy

[egormanga]

@pablohashescobar Thanks! I'm using Caddy, which certainly passes all the needed headers correctly. I probably should also mention I'm deploying Plane in Kubernetes using Traefik ingress controller.

[akshat5302]

Hey @egormanga, could you please clarify your setup? I noticed you mentioned two different proxies, Caddy and Traefik.

Where exactly did you define the Plane-related routes? I’m assuming they’re in the Traefik ingress file.