"Get a 3-Legged Token with Authorization Code Grant" generates an Error 400

Question

I am trying to create a webpage that implements Step 1 of the "Get a 3-Legged Token with Authorization Code Grant" process described in Autodesk's Forge tutorial. But when I run it I get an error: Error : 400 - Invalid redirect_uri

Here is my code:

    <!DOCTYPE html> 
    <html lang="en"> 
    <head>
    <title>Get_a_3-Legged_Token_with_Authorization_Code_Grant.php</title>
    </head> 
    <body> 
    <?php 
    // Derivedfrom API tutorial here: 
    // https://developer.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/

    $client_id                          = "HAqDtKO7VbuRgH0nL0MFJ0B02ElBEK3l";
    $forge_Callback_URL_w_query_string  = "http%3A%2F%2prod.sonautics.com/send_scan.php%3Fcmd%3Drefresh";
    $forge_Your_WebSite_URL             = "httpp%3A%2F%2prod.sonautics.com";

    echo    '<a href="https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code'
        .   '&client_id=' . $client_id      
        .   '&redirect_uri=' . forge_Callback_URL_w_query_string    
        .   '&scope=data:read">Click here to grant access to your data!</a>'; ?> 
    </body> 
    </html>

I am receiving a page that says:

Oops

Error : 400 - Invalid redirect_uri

We're experiencing problems with the application configuration.

Connecting Application

Please try again later.

My code above is very simple:can you help me identify the source of the error and tell me how to fix it?

Answer 1

The redirect_uri parameter should be matched with the Callback URL like the following snapshot in your Forge app of this client id you mentioned here. Please check if they are mismatched currently.

Besides,

the oath scope for viewing models via Forge Viewer is recommended to use viewables:read instead. The scope data:read can be used to read your model files in your bucket by others once your token with this scope is exposed. Please check this announcement: https://forge.autodesk.com/blog/new-viewablesread-scope