Reputation: 13253
Why am I getting a 400 bad request when I define different URIs for Authenticate and Request Token API calls?
I am writing a 3-legged authorization for integration with Ring Central based on this flow:
https://developers.ringcentral.com/guide/authentication/auth-code-flow
Both step 1 (Request authorization code) and step (Exchange code for token) require that a "redirect_uri" parameter is provided. However if I define 2 different URIs for these steps I get a 400 Bad Request when I try to exchange code for token. Both URIs are defined in my Ring Central "OAuth Redirect URI" app settings.
When I use the exact same URL for both steps then the entire process works fine except that I end up being redirected back to the authentication callback URI. What am I missing here? Is this a limitation on the sandbox environment?
Upvotes: 0
Views: 352
Answers (1)
Reputation: 269
For security reasons RingCentral requires the RedirectURI that is initially transmitted in the initial loginURL to be the RedirectURI used throughout that authorization session. That is why you receive the HTTP Auth error.
The RingCentral Authentication Quick Starts provide as great starting place for an end-to-end OAuth flow. Check them out:
https://developers.ringcentral.com/guide/authentication/auth-code-flow
Upvotes: 1
Related Questions
- Why is redirect_uri required on Access Token request?
- 400 Bad Request POST request
- Getting a 404 error when using the call log API
- Why or how does an invalid callback url work with Oauth2 in Postman?
- RingCentral Auth Token Failed in Curl Call - "Unauthorized for this grant type"
- RingCentral JavaScript SDK (HTTP 400 - Unauthorized for this grant type)
- Error 401 Unauthorized. How to Use the same token for different Urls?
- Getting redirect_uri_mismatch error with multiple uris
- What should the Request URI be when creating an oAuth 2.0 server implementation?
- OAuth works with Authorization data in the header but not in the URL