Invalid redirect_uri error

Hi there,

I am building an app with OAuth based authentication and redirecting the user to the following url

https://auth.monday.com/oauth2/authorize?client_id=68949d7d3a1956743a4b1dc02ff081b2&scope=me:read%20boards:write%20boards:read%20users:read&redirect_uri=https://4f7111998264.ngrok.io/api/monday/callback

the same url - https://4f7111998264.ngrok.io/api/monday/callback is defined in the redirect_uri of my app’s oauth settings.

I am still getting an Invalid redirect_uri error on the browser. What am I doing wrong?

Would really appreciate your help.

Thanks

Hi @kranthi_thoughtflow!

Ahh okay, so in this case, your redirect URI should just be https://4f7111998264.ngrok.io/oauth/callback.

Do you mind replacing /api/monday/ with /oauth/ instead, and seeing if this helps?

Thanks!
Helen

Hi @Helen

Thanks for the response.

In my case, I am handling the oauth code on the endpoint /api/monday/callback on my server. This endpoint exchanges the code for an access token. I have already implemented google oauth in a similar form and its working fine.

Also, I just downloaded and ran the sample oauth example from here - GitHub - mondaycom/welcome-apps: A collection of "Hello World" monday.com apps and I still get the same message on the screen.

image

@dipro - Can you have a look?

Thanks

Hi folks,

Adding step-by-step screenshots from the Oauth Example

  1. Downloaded and installed the oauth example. Created an ngrok tunnel

  2. Updated app client_id, client_secret and callback url in the code

  3. Ran the app with node index.js

  4. Updated redirect url in the monday app settings

  5. Opened the tunneled url in the browser

  6. Getting invalid redirect uri on clicking the button

Hope this helps in diagnosing the issue.

Reasons why we want to use OAuth instead of the other authentication mechanisms

  1. We are adding a ‘Login using Monday.com’ (like login using google) feature in our app
  2. We want our users to be able to create monday tasks from within our app. Currently this operation is happening from the server, so we need a token on our servers.

Thanks

Hi @kranthi_thoughtflow!

Ahh okay I see what you’re saying. Am I correct in assuming that you’re attempting to set up this OAuth flow in a preexisting app?

If so, am I correct in assuming that you’re attempting to change your Redirect_URL in your app draft to something different than what’s in your published app?

The reason I ask is because I was able to reproduce this behavior using ngrok, since ngrok issues a new URL each time you start it. This re-generated URL then, was different than the URL that is being used in my published app.

I’m asking our developers if there is a way around this, or if this is a bug. Thank you for your patience here, I’ll get back to you as soon as I hear from them!

Hi @kranthi_thoughtflow!

Just heard back from our developer team. At this time, I’m afraid that we’re unable to issue different tokens for different OAuth settings (i.e. if you have a live app, you must utilize those OAuth settings).

If you’d like to change your OAuth settings then, you must first publish your app before you can see the effects of your OAuth changes.

Could this be the issue that you’re facing? I know that this makes testing OAuth flows a lot more difficult, so in this case I would set up a new App to test the OAuth flow before copying over to your live apps and publishing.

HI @Helen

Yes, you are right. I am trying this with an existing app that is already published.

I have created a new app for the moment and it seems to be working fine.

Thanks a lot for your help :slight_smile:

1 Like

My pleasure!

Let us know if you have any other questions!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.