I received the following error message:
Error 400: redirect_uri_mismatch
The redirect URI in the request, urn:ietf:wg:oauth:2.0:oob, can only be used by a Client ID for native application. It is not allowed for the WEB client type.
You can create a Client ID for native application at https://console.developers.google.com/apis/credentials/oauthclient
I tried to get my Google Ads data and couldn't generate the client_token. I had everything else like client_id, client_secret, developer_token. Anyone familiar with this error? Thanks!
Related
I’m totally new to OAuth 2 but my current task requires me to use it to authenticate request from Sendgrid event webhook.
The only manual I found is this:
https://docs.sendgrid.com/for-developers/tracking-events/getting-started-event-webhook-security-features#oauth-20
And I tried the following:
1. I tried creating a new OAuth 2.0 Client IDs from google cloud console
I got the json file which contains: client_id, client_secret, token_uri; then I inputted them to Sendgrid.
However, when I tested it (by clicking the “Test your intergration”), nothing was sent to my endpoint.
I think that sendgrid couldn’t get the access token from the OAuth service or authorization server so it didn’t send any request to my URL.
2. I tried creating a Auth0 account and I also got client_id, client_secret, token_uri
I tested it again and nothing is sent to my endpoint, but this time, when I checked the log from Auth0, I saw this error:
No audience parameter was provided, and no default audience has been configured.
Faced with the same issue.
On the Auth0 side, we can set 'default audience' on the Tenant level (not on each application). It isn't enjoyable.
On Sendgrid they don't send audience param (they expect that you can fetch access token only by client id and client secret)...
Trying to set up an Authentication for my app, and all seemed to be working correctly, but when I tried testing it out I got this error message
Authorization Error
Error 400: redirect_uri_mismatch
The redirect URI in the request, http://localhost:3000/api/auth/callback/google, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/${your_client_id}?project=${your_project_number}
Can you point me in the right direction to fixing this?
Error 400: redirect_uri_mismatch
Is a configuration issue. The redirect uri is used to return the authorization code to your application after the user has consented to your applications access to your data. You have created a web client credentials up on Google developer console.
What you need to do is go back there and add a Redirect uri of
http://localhost:3000/api/auth/callback/google
It must match exactly don't add any spaces at the end or anything.
If you have any issues i have a video which will show you exactly how to add it Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
Seems like there's a mismatch with the Authorized redirect URIs. Are you sure you have entered the correct URIs? Redirect URI should be the URL that you'll be redirecting the user to after the login page or the base URL of your application Eg: https://localhost:8000
Also, make sure that you are using the correct Client ID and Client secret
Similar Questions
Google OAuth 2 authorization - Error: redirect_uri_mismatch
Correct redirect URI for Google API and OAuth 2.0
I have written a mobile application using the React Native Framework.
This application uses Google's OAuth 2.0 endpoints to authorize access to Google APIs.
I followed the documentation to implement this.
I have been able to retrieve Access Tokens and Refresh tokens for months now by making the following HTTP requests:
HTTP GET Request to retrieve Authorization Code:
https://accounts.google.com/o/oauth2/v2/auth?scope=email%20profile%20https://www.googleapis.com/auth/youtube%20https://www.googleapis.com/auth/yt-analytics.readonly%20https://www.googleapis.com/auth/yt-analytics-monetary.readonly%20https://www.googleapis.com/auth/youtubepartner&response_type=code&client_id=OMITTED&redirect_uri=OMITTED');
HTTP POST Request to exchange Authorization Code for Access Token:
let queryString = "code=" + authCode + "&" + "client_id=OMITTED&redirect_uri=OMITTED&grant_type=authorization_code";
fetch('https://www.googleapis.com/oauth2/v4/token', {method:'POST', headers: {'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8' }, body: queryString})
This POST Request is now getting the following error within the response:
Error:
"invalid_scope"
error_description
:
"Some requested scopes were invalid. {valid=[https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/youtube, https://www.googleapis.com/auth/yt-analytics.readonly, https://www.googleapis.com/auth/yt-analytics-monetary.readonly], invalid=[https://www.googleapis.com/auth/youtubepartner#]}"
Again, I have been able to retrieve an Access Token and Refresh Token for months using this same code.
This error has suddenly been surfacing as of 09/12/2018.
There have been no changes to my code.
Does anyone have any ideas regarding why I am now getting this error?
What about removing the email scope?
I guess Google has fixed it now. I can signing-in without removing email scope now on my app.
When i am sending BitCoins using the send:to:withNotes:withHandler: method , the failure block gets invoked with error localised description mentioning error 403 forbidden.
A 403 response from the Coinbase API usually means your API key or OAuth token is lacking the required scopes for the specific request you are making.
Based on the name of the method, it sounds like it would be the Send Money request, which requires the wallet:transactions:send scope/permission.
You can check with permissions you have for an API key, or OAuth token using the Show Authorization Info request.
I am trying exchange authentication code to access token on OAuth2.
I sent a request to google using GET request, and I got a code. And now I'm trying to exchange the code to access token.
I sent request to https://accounts.google.com/o/oauth2/token with these arguments
using POST request
code=[Authentication code]
client_id=[Client ID]
client_secret=[Client Secret]
redirect_uri=urn:ietf:wg:oauth:2.0:oob
grant_type=authorization_code
But google responsed like this with 400 error
{
"error" : "redirect_uri_mismatch"
}
I created Client ID on google developers console. I used type 'Installed Application'.
I also tried:
request_uri=#://localhost:8081
request_uri=#://localhost:8081/
(# means http. I edited on my phone, so I couldn't insert code block for http)
But it didn't worked.
What's wrong with request?
Check these 2 steps below
The redirect uri to retrieve auth code and access token should be same
Use the same redirect uri that you configured while creating the application, screenshot below