Hello, we're working on building an embedded app. We're using the shopify omniauth gem along with Devise to handle the oauth process on our end. We're also tunnelling into localhost via ngrok as suggested in the getting started guide. However it looks like the shopify API doesn't like our redirect url.
Here's the whitelist in our app settings (the Redirection URL field):
Note that we've tried just one line or the other line. Devise is prepending /users/ to all oauth routes which is why we aren't using the default auth/shopify route.
When we click our app, we get the "Oauth error invalid_request: The redirect_uri is missing or not whitelisted" error. However, the redirect_uri as shown in the params on the url of that page is:
Which, decoded, matches one of the entries in the whitelist.
Our app has Shopify Web Admin enabled. Is there any other reason the shopify API can't find our callback url in the whitelist?
It looks like the whitelist entries that you posted have a trailing slash, yet there is no trailing slash in the redirect_uri. Have you tried whitelisting https://f9302390.ngrok.io/users/auth/shopify/callback (without the slash at the end)?
I am new around and I follow tutorial from shopify (https://shopify.dev/tutorials/build-a-shopify-app-with-node-and-react/embed-your-app-in-shopify).
in progress I got same error => Oauth error invalid_request: The redirect_uri is not whitelisted when it comes to "Authenticate and test your app" section.
I have url https://1e6c101b2ffe.ngrok.io/ from ngrok both for App URL and Whitelisted Redirection URL.
I think my problem is now I can't delete last slash. even if I delete it, it comes back when I click save.
what do you think?