Using cloud.invantive.com I am preauthenticating a connection to Exact Online using the OAuth2 Code Grant Flow. I have entered the client ID, the associated client secret and checked deviating redirect URI.
On clicking the Preauthenticate button, I get the following error without entering a username/password first:
Invalid authorization request
The URL on top is like:
https://start.exactonline.nl/api/oauth2/auth?response_type=code&client_id=4...stuff...b&redirect_uri=https%3A%2F%2Fcloud.invantive.com%2FUtilities%2FSettings&state=d...stuff...8
The error text does not give a clear hint, but in this case I had forgotten to replace the contents of the redirect URI by the value of the redirect URI given on the Exact Online app center on the app with the client ID used.
After correcting the redirect URI, I was presented with a login form. After entering credentials I got my refresh token.
Related
Trying to set up an Authentication for my app, and all seemed to be working correctly, but when I tried testing it out I got this error message
Authorization Error
Error 400: redirect_uri_mismatch
The redirect URI in the request, http://localhost:3000/api/auth/callback/google, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/${your_client_id}?project=${your_project_number}
Can you point me in the right direction to fixing this?
Error 400: redirect_uri_mismatch is a configuration issue. The redirect URI is used to return the authorization code to your application after the user has consented to your application's access to your data. You have created web client credentials on the Google developer console.
What you need to do is go back there and add a Redirect uri of
http://localhost:3000/api/auth/callback/google
It must match exactly; don't add any spaces at the end or anything.
If you have any issues, I have a video which will show you exactly how to add it: Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
Seems like there's a mismatch with the Authorized redirect URIs. Are you sure you have entered the correct URIs? The redirect URI should be the URL that you'll be redirecting the user to after the login page or the base URL of your application, e.g. https://localhost:8000
Also, make sure that you are using the correct Client ID and Client secret.
I'm trying to implement the OAuth flow to sign in with Microsoft.
I have the following endpoints:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
https://login.microsoftonline.com/common/oauth2/v2.0/token
My flow is like this:
Redirect to Microsoft by clicking on Sign in with Microsoft button:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client_id}&scope=user.read&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2F1%2Ffrontend%2Flogin%3Fstate%3Dtest
My redirect url is:
http://localhost:8000/1/frontend/login?state=test
Which is appended with the code I receive back from Microsoft.
I then perform a POST request to the /token endpoint.
However, I receive an error (AADSTS50011) saying:
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:
The data I send is correct, except for the redirect_uri. I have the following value:
http%3A%2F%2Flocalhost%3A8000%2F1%2Ffrontend%2Flogin%3Fstate%3Dtest
Which is just a URL-encoded version of my redirect URL including the ?state=test
I know that everything works fine, except the redirect_uri, because when I remove the state query param, everything works fine.
However, to route the redirect_uri correctly in my application, I need the state param.
I cannot add it in my App settings, and I have to include it in the first request (/authorize endpoint)
That all works fine, but the second (/token) POST request fails, I cannot enter my redirect_uri with the ?state= parameter.
I've tried several options such as encoding the redirect_uri, but it doesn't help.
All other OAuth flows (like GitHub) are working fine, except Microsoft.
Attach your state param to the auth request itself, don’t put it in the redirect_uri param. Then the state param is automatically sent back to the redirect uri.
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client_id}&scope=user.read&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2F1%2Ffrontend%2Flogin&state=xyz
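The approach in this answer, as an added sketch that is not part of the original thread: `state` travels as its own parameter, the routing value stays server-side keyed by that `state`, and the `/token` body reuses the exact `redirect_uri` string sent to `/authorize`. The `session` dict, the function names and the placeholder credentials are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORIZE = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
# Registered reply URL: no query string, so it is identical in both requests.
REDIRECT_URI = "http://localhost:8000/1/frontend/login"

def begin_login(session, client_id, route):
    """Build the /authorize URL; the route is kept in the session, not in redirect_uri."""
    state = secrets.token_urlsafe(24)          # unguessable, single-use value
    session["oauth_state"] = state
    session["oauth_route"] = route             # e.g. "test" from the question
    params = {"client_id": client_id, "scope": "user.read",
              "response_type": "code", "redirect_uri": REDIRECT_URI,
              "state": state}
    return f"{AUTHORIZE}?{urlencode(params)}"

def handle_callback(session, callback_url, client_id, client_secret):
    """Check the returned state, then return (route, form body for the /token POST)."""
    query = parse_qs(urlsplit(callback_url).query)
    sent = query.get("state", [""])[0]
    expected = session.pop("oauth_state", "")  # popped so a replay fails
    if not expected or not hmac.compare_digest(sent.encode(), expected.encode()):
        raise ValueError("state missing or not issued for this session")
    body = {"grant_type": "authorization_code",
            "client_id": client_id,
            "client_secret": client_secret,
            "code": query["code"][0],
            "redirect_uri": REDIRECT_URI}      # same string as in /authorize
    return session.pop("oauth_route"), body
```
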
I am trying to connect to the Data-API by using the PHP-SDK.
I have configured an API-Key. But when trying to connect an exception is thrown. Message:
This `redirect_uri' isn't allowed by `client_id' configuration.
I suppose that somehow the callback URL is not correct.
Any help is appreciated.
Regarding the redirect_uri, it is stated at https://github.com/dailymotion/dailymotion-sdk-php/blob/master/Dailymotion.php#L196 that:
"if using authorization grant type, this key can be provided. If omitted, the current URL will be used. Make sure this value stays the same before the user is redirect to the authorization page and after the authorization page redirects to this URI (the token server will change this)."
You should also make sure that this value matches the "callback url" you defined when creating the API key at http://www.dailymotion.com/settings/developer . If not matching, it will trigger the error you mentioned.
I'm getting a redirect uri error for google authentication even when I've already placed the EXACT url in the google dev console config settings. Anybody know what could trigger such an error?
Below are screenshots of the error. I have the exact uri authorized in the settings yet trying to authenticate leads to a redirect_uri error!
I just figured this out. If you're ever as dumb as me and your Google app has multiple client IDs, you could be using a different client ID for authorization than the one you're setting your redirect URI to. When you're changing the redirect URI, check to see if you have another client_id and set the redirect_uri for that.
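A pre-flight check for the two causes raised in the threads above (the redirect URI must match the registered value exactly, and the URI may be registered under a different client ID), as an added example that is not code from any of the posters. The registry contents, client IDs and the `diagnose` helper are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample registry: client_id -> redirect URIs registered for it.
REGISTERED = {
    "client-web-111": ["http://localhost:3000/api/auth/callback/google"],
    "client-old-222": ["https://app.example.test/oauth/callback"],
}

def requested_params(authorize_url):
    """Extract client_id and the decoded redirect_uri from an authorization URL."""
    query = parse_qs(urlsplit(authorize_url).query)
    return query["client_id"][0], query["redirect_uri"][0]

def diagnose(authorize_url, registered=REGISTERED):
    """Return a list of findings; an empty list means an exact match exists."""
    client_id, uri = requested_params(authorize_url)
    allowed = registered.get(client_id)
    if allowed is None:
        return [f"client_id {client_id!r} is not in the registry"]
    if uri in allowed:                       # exact string comparison
        return []
    findings = []
    for other_id, uris in registered.items():
        if other_id != client_id and uri in uris:
            findings.append(f"URI is registered for a different client: {other_id}")
    got = urlsplit(uri)
    for candidate in allowed:
        if uri.strip() == candidate:
            findings.append("leading or trailing whitespace")
            continue
        want = urlsplit(candidate)
        for field in ("scheme", "netloc", "path", "query", "fragment"):
            sent, reg = getattr(got, field), getattr(want, field)
            if sent != reg:
                findings.append(f"{field}: sent {sent!r}, registered {reg!r}")
    # Differences urlsplit normalises away (e.g. scheme case) still count.
    return findings or ["differs from every registered URI"]
```
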
I'm working on an application that integrates with GitHub and am having issues "logging out" a user that was previously authenticated. When I attempt to revoke the authorization token for the user, I get a 404 Not Found response from the API.
According to the documentation, it looks like I should just be able to make a DELETE request to https://api.github.com/authorizations/[authTokenId]. I have tried a couple of different things including:
Ensuring the Authorization header is set with the current auth token
Ensuring the UserAgent header is set with what I use for the rest of the API calls
Nothing seems to result in anything but a 404 though. I have validated that the token is valid and that the Id matches what is expected (id property from the authorization response and from the "check an authorization" response as well). Anyone have another thought on something I could be missing?
Looks like currently you need to include a basic authentication header (including a base64 encoded string of your username/password).
Not ideal for my purposes since I want to revoke the token when a user "logs out" of my application and I don't want to store their username/password. I've sent GitHub support an email about it to see if they have any other ideas.
Update 6/12/2013
GitHub support has stated that the above is expected at this juncture, but they are considering updating to allow revoking an authorization using the authorization as the means of authentication.
For now I'm going to require the user to enter their username/password a second time to revoke the authorization.