An "Invalid Redirect" message means that the redirect requested from the client does not match an allowed redirect configured in UAA for the given client. In most cases, this happens when the application generates the wrong redirect URL. Examples include:
- Registering a URL with HTTPS but generating the URL with HTTP only
- Using a client that is registered for a production URL when running locally and developing the application
In this case, the problem is more subtle. The URLs match but differ in case. This is because the system domain, which is configured in Ops Manager under the PAS tile (Settings -> Domains), is declared with mixed-case characters, that is, a mix of upper-case and lower-case letters.
Mixed case is technically allowed because the specification for domain names states that they are case insensitive: RFC 4343.
Refer to this spec, which provides more information regarding parts of URLs that are case sensitive. However, mixed case is not currently allowed in practice because UAA treats two redirect URLs whose host names have identical characters but differ in case as different URLs.
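The following diagnostic is an added example, not UAA code: it classifies why a requested redirect URL fails to match a client's registered URLs, covering the three causes described above. It assumes exact string comparison as a stand-in for UAA's matching, and the function names and host names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Most specific explanation first; used to pick the best finding.
PRIORITY = ["host-case-mismatch", "scheme-mismatch", "host-mismatch", "other-mismatch"]

def compare(requested, candidate):
    """Classify how one registered URL differs from the requested one."""
    if requested == candidate:  # assumption: exact match stands in for UAA's check
        return "match"
    req, reg = urlsplit(requested), urlsplit(candidate)
    # urlsplit lowercases .scheme and .hostname but preserves case in .netloc.
    same_scheme = req.scheme == reg.scheme
    same_port = req.port == reg.port
    same_rest = (req.path, req.query) == (reg.path, reg.query)
    if req.hostname != reg.hostname:
        return "host-mismatch"        # e.g. production client used on localhost
    if same_scheme and same_port and same_rest and req.netloc != reg.netloc:
        return "host-case-mismatch"   # identical host apart from letter case
    if not same_scheme and same_port and same_rest:
        return "scheme-mismatch"      # e.g. registered HTTPS, generated HTTP
    return "other-mismatch"

def diagnose(requested, registered):
    """Return the most specific reason `requested` is not in `registered`."""
    results = [compare(requested, c) for c in registered]
    if "match" in results:
        return "match"
    return min(results, key=PRIORITY.index) if results else "no-registered-uris"

if __name__ == "__main__":
    # Constructed sample data: a mixed-case system domain in the registration.
    registered = ["https://app.SYS.Example.com/login/callback"]
    for url in ("https://app.sys.example.com/login/callback",
                "http://app.SYS.Example.com/login/callback",
                "http://localhost:8080/login/callback"):
        print(url, "->", diagnose(url, registered))
```

A `host-case-mismatch` result points at the mixed-case system domain described above rather than at the application's redirect logic.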