Developer set up for OAuth2

API and Webhooks
1

Description
Confused as to how to manage redirect URL on local development system

Error
When posting to the authorize endpoint i have to specify the redirect URL which has to match that in the app profile.

However, when developing I’m always using localhost:3000 as the website since this my IDE environment. I get the redirect URL back with the code in it (so I know it’s authorising ok) but of course, I can’t continue with the redirection since that’s on www.mydomain.com

I have whitelisted www.mydomain.com as well as localhost:3000

Which App Type (OAuth / Chatbot / JWT / Webhook)?
OAuth2.

Which Endpoint/s?
Authorize

How To Reproduce (If applicable)

Screenshots (If applicable)

Additional context

2

Hey @blacknell,

You can use ngrok to turn your localhost into a free server. Then use the ngrok url as your development redirect and whitelist.

Let me know if you have additional questions! :slight_smile:

Thanks,
Tommy

3

So are you suggesting I need to create another app with local host:3000 redirect & whitelist uri’s?

Regards
Paul

4

Hey @blacknell,

No, just change your development redirect and whitelist urls to your ngrok url:

Screen Shot 2020-08-13 at 2.18.44 PM
Screen Shot 2020-08-13 at 2.18.44 PM2404×980 206 KB

If I am misunderstanding your issue, can you explain more about why you need to use both localhost and mydomain.com in the same OAuth flow?

Thanks,
Tommy

5

Ok. I’m getting there but…

  1. I got the code back after https://zoom.us/oauth/authorize?client_id=xxx&response_type=code
  2. I then made the POST to https://zoom.us/oauth/token?grant_type=authorization_code&code=yyy with encoded headers etc.

I’m getting a CORS error back

This is supposed to be a client side oauth process but it’s looking like your side doesn’t set Access-Control-Allow-Origin?

6

Hey @blacknell,

It is a client side process until you land on your redirect url. You need to make the request to get an access token from the server side. A common flow is once you land on the redirect url, your client side makes a request to your server sending the auth code, and then your server makes a request to get an access token from Zoom.

Thanks,
Tommy

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.