Genesys Cloud - Developer Community!

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

Hello Adrian,

Just to let you know that support has been added to the last version of the CLI (144.0.0).
Setting HTTP port to 0, when defining a profile, will tell the CLI to use an ephemeral/dynamic port.

Regards,

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

Hello Adrian,

Just to let you know that support has been added to the last version of the CLI (144.0.0).
Setting HTTP port to 0, when defining a profile, will tell the CLI to use an ephemeral/dynamic port.

Regards,

------------------------------
Jerome Saint-Marc
Senior Development Support Engineer

Original Message:
Sent: 10-15-2025 07:57
From: Adrián Santamaría
Subject: GC CLI - Profiles redirect port

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

#PlatformCLI

------------------------------
Adrián Santamaría
------------------------------

Hello again... Just one thing regarding this... When I got the idea delivered, I did not see any announcements or changes in the docs. By trial and error, I discovered that the format in the OAuth client config for the Redirect URI is simply not to specify the port. So:

https://localhost:*      -> Invalid confighttps://localhost:0      -> Valid config, but restricts it to port 0 (which makes it pretty useless)https://localhost        -> Enable redirect to any porthttps://localhost:443    -> Same behavior as the old https://localhost before the change

Are my conclusions correct? Is there any documentation in the Resource/Developer Center about this that I might have missed? 

To be honest, I feel that using * or 0 in the OAuth config would be way more intuitive. In fact, not being that way makes this a bit inconsistent (0 in the CLI = not specified in the OAuth Client)

------------------------------
Adrián Santamaría

Original Message:
Sent: 11-05-2025 12:26
From: Jerome Saint-Marc
Subject: GC CLI - Profiles redirect port

Hello Adrian,

Just to let you know that support has been added to the last version of the CLI (144.0.0).
Setting HTTP port to 0, when defining a profile, will tell the CLI to use an ephemeral/dynamic port.

Regards,

------------------------------
Jerome Saint-Marc
Senior Development Support Engineer

Original Message:
Sent: 10-15-2025 07:57
From: Adrián Santamaría
Subject: GC CLI - Profiles redirect port

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

#PlatformCLI

------------------------------
Adrián Santamaría
------------------------------

Hello,

"By trial and error, I discovered that the format in the OAuth client config for the Redirect URI is simply not to specify the port."

That's why I shared a link to the CLI README in my previous post: https://github.com/MyPureCloud/platform-client-sdk-cli?tab=readme-ov-file#dynamic-port

-> "To perform an implicit login using an ephemeral port, the OAuth Client under Admin > Integrations > OAuth needs to be configured properly by setting the Grant Types property to "Token Implicit Grant (Browser)", and by adding the permissible redirect URIs without specifying a port number (e.g. http://localhost)."

"https://localhost:443    -> Same behavior as the old https://localhost before the change" or https://localhost:{port}

Yes. I assume for people that do not want to allow this from any port. I am not part of the Auth team. Hence the section on explicit port in the CLI README: https://github.com/MyPureCloud/platform-client-sdk-cli?tab=readme-ov-file#explicit-port

"To be honest, I feel that using * or 0 in the OAuth config would be way more intuitive. In fact, not being that way makes this a bit inconsistent (0 in the CLI = not specified in the OAuth Client)"

0 in the CLI is because the HTTP Port is checked in the code - to be a valid port. Feel free to submit a PR if you want to change this.

"*" in the OAuth Client configuration - Feel free to open a ticket or an idea. I only work on the SDKs and CLI.

Regards,

Hello again... Just one thing regarding this... When I got the idea delivered, I did not see any announcements or changes in the docs. By trial and error, I discovered that the format in the OAuth client config for the Redirect URI is simply not to specify the port. So:

https://localhost:*      -> Invalid confighttps://localhost:0      -> Valid config, but restricts it to port 0 (which makes it pretty useless)https://localhost        -> Enable redirect to any porthttps://localhost:443    -> Same behavior as the old https://localhost before the change

Are my conclusions correct? Is there any documentation in the Resource/Developer Center about this that I might have missed? 

To be honest, I feel that using * or 0 in the OAuth config would be way more intuitive. In fact, not being that way makes this a bit inconsistent (0 in the CLI = not specified in the OAuth Client)

------------------------------
Adrián Santamaría

Original Message:
Sent: 11-05-2025 12:26
From: Jerome Saint-Marc
Subject: GC CLI - Profiles redirect port

Hello Adrian,

Just to let you know that support has been added to the last version of the CLI (144.0.0).
Setting HTTP port to 0, when defining a profile, will tell the CLI to use an ephemeral/dynamic port.

Regards,

------------------------------
Jerome Saint-Marc
Senior Development Support Engineer

Original Message:
Sent: 10-15-2025 07:57
From: Adrián Santamaría
Subject: GC CLI - Profiles redirect port

Hello Dev Community!

Since the delivery of this idea, now OAuth clients can be configured to allow any port in the redirect URIs for loopback addresses. So, it would be nice if, when configuring a profile for the CLI, it allowed not only specifying a fixed port, but also making the CLI use any ephemeral free one. That way, we wouldn't have to worry if the configured port(s) were open or not.

#PlatformCLI

------------------------------
Adrián Santamaría
------------------------------