cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
559
Views
0
Helpful
2
Replies

Redirect Integration URL errors

Janos Benyovszki
Cisco Employee
Cisco Employee

If the redirect URL or other parameters of an integration change and you do not use the most up-to-date Authorization URL, you might receive the below error in your integration:

"We've encountered an error. Try again later."

 

In that case, is it still possible to redirect an OAuth Authorization error to the original redirect URL with an error response?

1 Accepted Solution

dstaudt
Cisco Employee
Cisco Employee

It's possible to configure more than one Redirect URI for an Integration, so you could keep the old URL around and have it handled by something that does something sane (the run-time redirect URL will have some error stuff in the URL query params.)  This won't help for incorrect client_id/client_secret.

However, you really should be handling the OAuth auth URL building server-side, accepting the final OAuth Redirect on the server, performing the auth token exchange on the server, and sending the access token to the app.  This keeps all application ids/secrets only on your server and not anywhere in the client, where they can be compromised (or become stale.)  A purely single-page web app can't really be secure - the sensitive OAuth stuff should be handled server-side.

View solution in original post

2 Replies 2

dstaudt
Cisco Employee
Cisco Employee

It's possible to configure more than one Redirect URI for an Integration, so you could keep the old URL around and have it handled by something that does something sane (the run-time redirect URL will have some error stuff in the URL query params.)  This won't help for incorrect client_id/client_secret.

However, you really should be handling the OAuth auth URL building server-side, accepting the final OAuth Redirect on the server, performing the auth token exchange on the server, and sending the access token to the app.  This keeps all application ids/secrets only on your server and not anywhere in the client, where they can be compromised (or become stale.)  A purely single-page web app can't really be secure - the sensitive OAuth stuff should be handled server-side.

Janos Benyovszki
Cisco Employee
Cisco Employee

No, it is not possible to redirect an OAuth error to the original or a previous redirect URL, because it might be the wrong URL and the system has no way to verify it. The error should be corrected prior and all changes in an integration should be reflected in the OAuth Authorization URL the integration is using.