In my app I'm integrating OAuth2.0 library for vimeo upload. I'm getting error as invalid redirect uri after user log into his account.
My code,
self.oauthClient = [[LROAuth2Client alloc] initWithClientID:#"**** client ID ****"
secret:#" * secret * " redirectURL:[NSURL URLWithString:#"testMyApp://oauth"]];
In the plist i have given "testMyApp" as string in url schemes.
is this the right way to specify redirect uri? please help!
Your redirect url must 100% match the url configured on the developer site.
If your user is redirected to testMyApp://oauth your configured redirect url must be exactly testMyApp://oauth
The 3 pieces of information that you pass back to the Vimeo API (redirect_uri, code, grant_type) must be form URL encoded body parameters.
If they're being passed as query parameters, for example, the request will fail and return the error you're seeing.
For the Vimeo API to allow for your redirect, you have to register it for your app with the developer site. When it is registered there you are able to use it when you specify the redirect.
The plist scheme registration only notifies iOS that you can handle the scheme; Vimeo is unaware that it's a valid thing to redirect to for your app without this step.
The redirect url in the developer site must exactly match with the one in your application authentication request. I faced the same problem because of difference in the redirect url. But I fixed that and its working.
Developer site redirect url:
My app's request url:
https://api.vimeo.com/oauth/authorize?redirect_uri=vimeo608e5e6ffab5f7d2b567443f57684fdae8f8cb1c://auth&response_type=code&state=aee5252c-963c-4146-8358-a423326dd03c&scope=private%20public%20create%20edit%20delete%20interact&client_id=608e5e6ffab5f7d2b557443f57684fdae8f8cb1c
the value of the key redirect_url in above request is exact to the developer site. Please feel free to comment..
In my case, I had forgotten to enable implicit authentication and was getting the missing redirect_uri message.
Related
What is the correct format for a redirect URL when authenticating with OAuth2 and the Harvest API from an iOS application?
oauth.com states that a redirect URL for a native application can look like myapp://callback. Problem is, Harvest doesn't accept such a redirect URL. It seems to require prefixing it with http/https, which causes problems when redirecting back to the iOS application at the end of the authentication flow. I don't seem to find anything relevant in the Harvest API documentation.
I have added a URL Type in Xcode where I set the Identifier value to com.example.myapp and the URL Schemes value to MyApp. No matter what redirect URL I specify (given the format mentioned above) in Harvest the authentication flow always complains that Safari cannot open the page because the server cannot be found. I am able to open the app manually with the appname:// URL from the
It sounds like you're looking for the URL to use regarding redirection from a web call. I'm not certain on oath2, but on SAML it is something like
https://where you are signing in/SSOpage?RelayState=https://where you are going
I hope this helps get you to your answer.
If anyone else has this issue, the identifier and URL Schemes should not be com.example.myapp and MyApp, respectively. You only need to set the URL Scheme to com.example.myapp
I'm attempting to sign in users with the LinkedIn Omniauth 2 gem. I have tried a few different possibilities for the redirect, read several articles and nothing is working.
I'm trying to test this locally.
Rails 4 app
Gems include:
omniauth
omniauth-linkedin-oath2
A few attempts of the redirect URL to put in the box includ:
https://www.linkedin.com/uas/oauth2/authorization?client_id=759dczzx23nyic&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Flinkedin%2Fcallback&response_type=code&scope=r_basicprofile+r_emailaddress&state=8da572e31a8e66e6b1de54acddd14937d976ed06d7ed3217&client_id=*
= API Key that needs to stay private
http://localhost:3000
http://localhost:3000/
http://www.localhost:3000
https://localhost:3000
https://localhost:3000/
https://www.localhost:3000
I read both of these articles the entire way through, but still couldn't attempt to find the correct way to redirect it.
https://developer.linkedin.com/forum/register-your-oauth-2-redirect-urls
https://developer.linkedin.com/forum/oauth-20-redirect-url-faq-invalid-redirecturi-error
Any help in what I need to change would be great.
They need to match exactly what you are sending:
http://localhost:3000/auth/linkedin/callback
In case of Linkedin Authorized Redirect URLs should be in form of:
http://localhost:8080/your-project-name/auth/linkedin
After authentication if you want to redirect to a specific page then
http://localhost:8080/your-project-name/that-page-url
I was having a similar issue and kept getting "Invalid redirect_uri. This value must match a URL registered with the API Key." error when using Auth0
I added URL below to LinkedIn's list of allowed callback then it worked.
https://"Insert your Client Domain Name from Auth0"/login/callback
I have a working Dropbox application, using oauth. I am extending the application and have added a new redirect-uri in the App Console. I am absolutely sure that the redirect uri is correct, but I am getting a 400 Invalid redirect-uri error. My uri begins with https:// as required.
Is there a delay before new redirect uris take effect?
This is the error:
More details for developers
Invalid redirect_uri: u'https://shareddom.ws/mse/auth/guest_portal.php'. It must exactly match one of the redirect URIs you've pre-configured for your app (including the path)
This the uri, cut and pasted from the App Console:
https://shareddom.ws/mse/auth/guest_portal.php
I don't think there should be any delay at all (certainly no more than a few seconds at most).
Those two strings appear to be identical, so my guess would be that the redirect URI isn't in the right place (or maybe under the right app?). Double check that the app key you're using matches the app key you're looking at in the App Console and that redirect URI is under the "OAuth 2 Redirect URIs" section of the page.
If you're still having trouble, I'd suggest opening a support ticket so we can double check the app details for you: https://www.dropbox.com/developers/contact.
I am working on a Rails application which is in development mode and it can register with omniauth.
The host is
http://localhost:3000/
I'm using the gems:
gem 'omniauth'
gem 'omniauth-foursquare'
gem 'omniauth-instagram'
When I register through omniauth with Foursquare there's no problem at all. All the settings are right and my redirect_uri in the Foursquare developer settings equals to the host (localhost:3000)
However, if I fill in the exact same redirect_uri (localhost:3000) in the Instagram client manager*. Instagram gives me this:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "Redirect URI does not match registered redirect URI"
}
Based upon this URL:
https://instagram.com/oauth/authorize?response_type=code&client_id=<ID>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Finstagram%2Fcallback&state=18415adf24dd97873e61094f67c0fb7a94857fedf93e9d2e&scope=basic
*
What am I doing wrong according to Instagram and how should this be fixed?
Fixed the issue myself. Added localhost:3000/auth/instagram/callback as redirect_uri and it worked just fine.
When you specify a redirect URI http://localhost:3000 is not the same as http://localhost:3000/ (note the trailing slash).
Make sure the callback URI matches exactly.
I needed to add
http://localhost:3000/users/auth/instagram/callback
as my callback URI because I'm using Devise.
For Drupagram module (Drupal 7) added: http://localhost:3000/instagram/oauth as redirect_uri
For anyone that is having this issue and the redirect uri provided to instagram is exactly the same as the one you're using, i've found that some users were typing my website address as http://www.example.com/login when in my instagram api it was http://example.com/login.
Then I created a php script to detect if the string www exists in my url and then reload to the same page but without the www.
if(strpos($_SERVER['HTTP_HOST'], 'www.') !== FALSE) {
header("Location: ".str_replace('www.', '', $_SERVER['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI']));
}
Issue: Oauth2 Instagram API “redirect URI does not match registered redirect URI
My Solution: Please check ng-cordova-oauth.js file and check instagram function in that. Verify redirect_uri value is same as register your application on developer console for Instagram.If it is same it works properly,otherwise you get the above issue.
{"error_type": "OAuthException", "code": 400, "error_message": "Redirect URI does not match registered redirect URI"}
How to get Access token from instagram
Your website url must be same when registering sandbox clien api on instagram https://www.instagram.com/developer/
here we used website url: https://adlivetech.com
Valid redirect URIs: https://adlivetech.com/
For live website you can get Access token easily by using https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token
Replace above url "CLIENT-ID" with your client ID
Replace above url "REDIRECT-URI" redirect url should be your domain name like: http://adlivetech.com
https://adlivetech.com/access_token=YOUR_ACCESS_TOken
I mucked around with this for ages..
perhaps it has changed but:
http://localhost:3000/users/auth/instagram/int_callback
was the callback URI that finally worked for me.
The ONLY issue i was having was that it was exactly an incorrect callback uri and wish I had seen here that I should be focusing on my Instagram setup instead of modifying my code.. to get the error message means everything else is working (so far), otherwise you would not be getting that particular error message.
Good luck!! - don't get distracted!
This isn't a ruby-specific but for anyone else wrestling w/this here's what got me past it (note: nothing in above answers worked for me):
1. Edit your Client on Instagram Developer and uncheck Disable implicit OAuth.
2. Click Update Client to save it.
3. Now go to https://instagram.com/oauth/authorize/?client_id=[CLIENT_ID]&redirect_ur.... Just change [CLIENT_ID] and [REDIRECT_URI] with their values.
4. After that you will be redirected to [REDIRECT_URI]/#access_token=[ACCESS_TOKEN]. Get it and place it on the Instagram Access Token textbox.
(Source: https://www.drupal.org/project/instagram_feeds/issues/2140479)
...Or you can follow the instructions here:
https://instagram.com/developer/authentication/?hl=en
See "Step One: Direct your user to our authorization URL" section.
Just simply supply your CLIENT_ID and REDIRECT_URI.
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
Beginner programmer here, please pardon ignorance & explanations will be really nice :)
I've tried to read the tutorials for a certain OAuth 2.0 service, but I don't understand this redirect URI... in my particular context, let's say I'm trying to build an iPhone app that uses OAuth 2.0 for some service. I have an App ID that was generated, but i need to provide some sort of redirect URI to generate the API key.
Is this a URL that I'm supposed to host somewhere myself?? As the name suggests, I would think that the redirect URL is supposed to "redirect" someone somewhere. My only guess is that it's the URL a user is redirected to after they log in to the service.
However, even if that assumption is correct, I don't understand one other thing - how can my app be opened again after I've sent them to the browser for the user login?
Read this:
http://www.quora.com/OAuth-2-0/How-does-OAuth-2-0-work
or an even simpler but quick explanation:
http://agileanswer.blogspot.se/2012/08/oauth-20-for-my-ninth-grader.html
The redirect URI is the callback entry point of the app. Think about how OAuth for Facebook works - after end user accepts permissions, "something" has to be called by Facebook to get back to the app, and that "something" is the redirect URI. Furthermore, the redirect URI should be different than the initial entry point of the app.
The other key point to this puzzle is that you could launch your app from a URL given to a webview. To do this, i simply followed the guide on here:
http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html
and
http://inchoo.net/mobile-development/iphone-development/launching-application-via-url-scheme/
note: on those last 2 links, "http://" works in opening mobile safari but "tel://" doesn't work in simulator
in the first app, I call
[[UIApplication sharedApplication] openURL:[NSURL URLWithString:#"secondApp://"]];
In my second app, I register "secondApp" (and NOT "secondApp://") as the name of URL Scheme, with my company as the URL identifier.
Take a look at OAuth 2.0 playground.You will get an overview of the protocol.It is basically an environment(like any app) that shows you the steps involved in the protocol.
https://developers.google.com/oauthplayground/
redirected uri is the location where the user will be redirected after successfully login to your app. for example to get access token for your app in facebook you need to subimt redirected uri which is nothing only the app Domain that your provide when you create your facebook app.
If you are using Facebook SDK, you don't need to bother yourself to enter
anything for redirect URI on the app management page of facebook. Just setup a
URL scheme for your iOS app.
The URL scheme of your app should be a value "fbxxxxxxxxxxx" where xxxxxxxxxxx is
your app id as identified on facebook.
To setup URL scheme for your iOS app, go to info tab of your app settings
and add URL Type.