"Oauth error: redirect_uri is not whitelisted" due to a non-breaking space

Shopify Apps

Topic summary

A developer is experiencing an OAuth authentication failure caused by a non-breaking space character (%C2%A0) appearing in the redirect_uri parameter.

The Issue:

  • The redirect URI contains https://example.com%C2%A0/api/auth/callback instead of the expected https://example.com/api/auth/callback
  • This non-breaking space causes the URL to differ from the whitelisted redirect URI in the Shopify Partners dashboard
  • The resulting URL becomes https://shop.popkeels.com/api/auth/callback due to this encoding issue

Current Status:

  • The developer has verified their HOST URL and authCallback path configurations but found no obvious extra spaces
  • The source of the non-breaking space character remains unidentified
  • The issue is blocking app authentication and requires troubleshooting to locate where this character is being introduced in the code
Summarized with AI on November 10. AI used: claude-sonnet-4-5-20250929.
1

My app is not authenticating due to a non-breaking space in the reirect_uri. I’m not sure what’s causing this as I have checked the HOST URL and authCallback path. None of them have any extra space.

Here’s the URL (tempered) :
https://admin.shopify.com/store/e76aa7/oauth/authorize?client_id=27277406468b379ki9679392dce3ae6b&scope=read_product_listings%2Cwrite_resource_feedbacks%2Cread_legal_policies%2Cread_fulfillments%2Cread_merchant_managed_fulfillment_orders%2Cread_shipping%2Cunauthenticated_write_checkouts&redirect_uri=https%3A%2F%2Fexample.com%C2%A0%2Fapi%2Fauth%2Fcallback&state=057704649750170&grant_options%5B%5D=

Notice that the redirect_uri in the above URL after the domain has %C2%A0 which results in a non-breaking space.
Due to this space URL becomes “https://shop.popseekl.com /api/auth/callback” which results in a different URL than the one mentioned on the Shopify partners dashboard as the allowed URL. I’m unable to figure out where is this coming from.

Screenshot 2024-04-15 at 4.04.46 PM.png
Screenshot 2024-04-15 at 4.04.46 PM.png1920×1080 171 KB