OAuth redirect_uri no longer accepts query parameters

New Member
7 0 0



This worked at some point, but it looks like recently Shopify has started to reject any OAuth authorization request with "Oauth error invalid_request: The redirect_uri is not whitelisted" when the redirect is appended with parameters. Not sure when the regression occurred, but it's likely within the last few months.


For example, if I want to grab some new scopes for an offline authorization token, I redirect to :



It looks like the presence of %3Fclose%3D1 is causing Shopify to choke here. Removing that makes it execute fine. Given that this is a query parameter, I would expect that the whitelisted redirect_uris would ignore them. Is this a bug, or expected behaviour that was silently changed a while back?






Shopify Partner
1043 112 165

I think it was always the case, not sure how it was working for you at some point. The whitelist must contain the exact redirect URI including query parameters. On a side note, this the definition of the URI: 

URI = scheme:[//authority]path[?query][#fragment]


Sergiu Svinarciuc | CTO @ visely.io
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
- To learn more about the awesome stuff we do head over to visely.io or our blog
New Member
7 0 0

Fair enough; I guess it was a bug that it did work for years. I'll make the appropriate changes. Thanks.