I’m getting a
Redirect URI mismatch error when trying to get an access token after getting the code. It’s probably because I misunderstood how redirect URI works. I tried the following:
- Exact same URI as in app settings
- Same URI that I provided in
oauth/authorize call when getting the code
I’m getting the same error every time.
“reason”: “Invalid request : Redirect URI mismatch.”,
Which App Type (OAuth / Chatbot / JWT / Webhook)?
How To Reproduce (If applicable)
Steps to reproduce the behavior:
- Follow Step 1 of OAuth tutorial and get the code
- Make a POST request to
zoom.us/oauth/token (Step 2), provide the same redirect_uri as in the first step
- Receive redirect URI mismatch error
Screenshots (If applicable)
(don’t worry about the credentials on screenshots, it’s a testing app)
I’m trying to set up an integration with zoom (get data about past meetings for analysis). Our service is called Teamplify.
Looks like you have query params included in your redirect url.
Can you try removing them, and making sure the redirect url matches with what you have in your Zoom OAuth settings?
I tried that and it didn’t work. I have a testing URI, a production URI, tried them both.
I’m wandering if it might be connected to whitelist. Am I supposed to put testing URLs there?
I’m also using a local dev server URL (local.teamplify.net) - it resolves to 127.0.0.1. Can this be the problem?
Yes, please add http://local.teamplify.net to your whitelist and try again.
I put http://local.teamplify.net in the whitelist and tried again without changing anything else. Still getting the same error.
Could there be anything else causing this?
I managed to get it working by adding the port to app settings - http://ivelum.local.teamplify.net:8211/.
Maybe you could make the error message a bit clearer? I think something like
Redirect URI (http://local.teamplify.net:8211/redirect/) mismatch - it must start with http://local.teamplify.net or https://teamplify.com would work.
Also, why is redirect_uri required in
oauth/token anyway? Aren’t we supposed to just send post request and read the response body?
Happy to hear you got it working! We will work on making the error messaging more clear.
It is required so it validates what you have set in your OAuth app settings, and also allows you to redirect to different paths or sub domains dynamically.