Another Invalid request : Redirect URI mismatch issue

Using this template helps us debug your issues more effectively :slight_smile:

Description
I’ve read until my eyes are popping out. And still can’t find a solution for receiving the error “Redirect URI mismatch issue”

Error
{“reason”:“Invalid request : Redirect URI mismatch.”,“error”:“invalid_request”}

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAUTH

Which Endpoint/s?
https://zoom.us/oauth/token

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Initial Request: https://zoom.us/oauth/authorize?response_type=code&client_id=ZcyVHYAeREuscd9kC0S33w&redirect_uri=https%3A%2F%2Fpreviewdev.xcatalyst.com%2FLogMeInAuth.asp](https://zoom.us/oauth/authorize?response_type=code&client_id=ZcyVHYAeREuscd9kC0S33w&redirect_uri=https://previewdev.xcatalyst.com/LogMeInAuth.asp

  2. Step one properly returns to me https://previewdev.xcatalyst.com/LogMeInAuth.asp?MODE=CallBack&code={a good code appears here}

  3. I take the code and use the following vbscript code in legacy asp

    • HttpReq.open “POST”, “https://zoom.us/oauth/token”, False
      ----------------------all 3 headers here have been added and removed in combinations –
    • HttpReq.setRequestHeader “Authorization”, "Basic " & sAuthToken (this is the Base64Encode of clientID:secret and I’ve tested them by decoding after encoding)
    • HttpReq.setRequestHeader “Content-Type” , “application/x-www-form-urlencoded”
    • HttpReq.setRequestHeader “Accept” , “application/json”

    • HttpReq.send “grant_type=authorization_code&code=” & sCode & "&redirect_uri=https%3A%2F%2Fpreviewdev.xcatalyst.com%2FLogMeInAuth.asp (where sCode is the code sent to me)
  4. I get a JSON return of “{“reason”:“Invalid request : Redirect URI mismatch.”,“error”:“invalid_request”}”

I’ve used Step 3 for vbscript for many other ReST calls without issue. I presume this has something to do with the redirect URL and Whitelist. But have added and removed parameters until I’m blue and cannot get off this issue. The redirect URL and Whitelist have exactly the same uri in them (https://previewdev.xcatalyst.com/LogMeInAuth.asp).

I hope you guys don’t send me the same answers I’ve already read through. They all seem useless. What I need, perhaps, is a step by step critique of the things I’ve described above, ok?

Thanks guys for being around to hear me huff and puff. ~BG

Hey @bud.gressett,

Thank you for reaching out to the Zoom Developer Forum. When you make the request to get the token, have you tried adding the MODE query parameter? I’m wondering if that’s causing the issue here.

Thanks,
Max

Yes, MaxM. And I think that’s where all the problems started. It seems that if I change the URL Redirect after I select the Install button, I start getting the errors. Apparently this is a taboo that is not clearly mentioned in the online documentation. I deleted the app I installed and started over with what I wanted for a Redirect URL configuration. Then things began to work.

I appreciate your reply. Could you educate me further on how and why, after the Install, I was allowed to make changes to the redirect and they caused the error “Redirect URI mismatch”?

Hey @bud.gressett,

I’m glad to hear that you were able to figure it out! When it comes to making changes to an OAuth App, you’ll need to reinstall the app for those changes to be available to the user.

This is so that we can ensure the user authorizes any new versions even for unpublished apps.

Further, when passing data to your app, you’ll want to use the state parameter instead of a query parameter.

Let me know if that helps.

Thanks,
Max

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.