Let me look into this error message and what might cause it.
Based on the source code, the “Temporary server failure” message from the login page is triggered by one of three specific conditions in the browser-side login JavaScript:
/api/auth endpoint (the server returned something other than a valid JSON tagged union).client_code in an authenticated response.redirect_uri – the login page was opened without a proper redirect_uri query parameter.Since your logs show “auth ok” (meaning authentication itself succeeded), the most likely culprit is condition #3: the WebUI login page is being accessed without a valid redirect_uri. This happens when you navigate directly to :8080/login rather than through the proper OAuth flow that the WebAdmin WebUI initiates (which includes redirect_uri, client_id, and a PKCE code_challenge as query parameters).
What to try:
http://yourserver:8080 or https://yourserver/admin), not by going directly to /login. The WebUI generates the correct OAuth parameters before redirecting you to the login page./login directly, check the URL – it should have query parameters like ?client_id=webadmin&redirect_uri=...&code_challenge=.... If those are missing, the login will always fail after auth succeeds, because there is nowhere valid to redirect the authorization code."Invalid or missing redirect_uri:") before showing the generic error message to the user.The relevant API docs: API Endpoints | Stalwart
This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong. If you found it useful, mention @helpbot in any reply to ask follow-up questions and the bot will respond again.
Try to path /admin/login
Resolves it and saved me from hart attack. Thanks
I was trying to fix this thing for weeks
After setup wizard I couldn’t login anyhow and I was tweaking traefik endlessly to get it working. It turns out it was incredibly simple routing quirk on the frontend all along.
I really think its a bug that has to be resolved
This can happen at https://mail.example.com/login as well. I can see in the logs I’ve authenticated correctly:
INFO Authentication successful (auth.success) listenerId = "https", localPort = 443, remoteIp = 95.209.131.1, remotePort = 54288, accountName = "[email protected]", accountId = 2
and I’ve received the client_code:
TRACE HTTP response body (http.response-body) listenerId = "https", localPort = 443, remoteIp = 95.209.131.1, remotePort = 54288, contents = "{"type":"authenticated","client_code":"DEADbeefAvHADuierMzQ8pexQdAzJjBbtoOXz"}", code = 2
00, size = 81
This is on a new–ish install of Stalwart 16 (from May 7). The /admin/login/ path works.
I have used the developer tools and the error message on the login page says;
Invalid or missing redirect_uri: null Error: missing redirect_uri
This is the same thing several people have hit: the bare /login page is the OIDC authorization endpoint, and opened directly it has no redirect_uri to send you back to, so it shows “Temporary server failure” even though the login itself succeeds (your logs show auth.success and a 200). Use /admin or /account instead and it works.
@Suyunbek, @jeremiahcfoster: same fix for you. It’s not a server bug, though I take the point that bare /login showing that error is unfriendly