OAuth redirect_uri no longer accepts query parameters

Solved
New Member
7 0 0

Hi!

 

This worked at some point, but it looks like recently Shopify has started to reject any OAuth authorization request with "Oauth error invalid_request: The redirect_uri is not whitelisted" when the redirect is appended with parameters. Not sure when the regression occurred, but it's likely within the last few months.

 

For example, if I want to grab some new scopes for an offline authorization token, I redirect to :

https://mystore.myshopify.com/admin/oauth/authorize?redirect_uri=https%3A%2F%2Fexampleapp.com%2Fauth...

 

It looks like the presence of %3Fclose%3D1 is causing Shopify to choke here. Removing that makes it execute fine. Given that this is a query parameter, I would expect that the whitelisted redirect_uris would ignore them. Is this a bug, or expected behaviour that was silently changed a while back?

 

Thanks,

Adam

0 Likes

Success.

Shopify Partner
1043 112 165

I think it was always the case, not sure how it was working for you at some point. The whitelist must contain the exact redirect URI including query parameters. On a side note, this the definition of the URI: 

URI = scheme:[//authority]path[?query][#fragment]

 

Sergiu Svinarciuc | CTO @ visely.io
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as an Accepted Solution!
- To learn more about the awesome stuff we do head over to visely.io or our blog
0 Likes
New Member
7 0 0

Fair enough; I guess it was a bug that it did work for years. I'll make the appropriate changes. Thanks.

0 Likes