When using OST you get an engine on isolated network, that in order to make available you must tunnel. When tunnelling you end up with a URI with a uncommon port or hostname that will result an error while authenticating:
URL:
https://localhost:9000/ovirt-engineThis displays this error:
" The redirection URI for client is not registered " See screenshotCan we expose the expected valid redirect urls? Is it used for something else than obscurity?