Invalid redirect_uri parameter for Reddit API

Question

I'm trying to implement oAuth with Reddit using Devise & the omniauth-reddit gem.

It seems to be passing the local url & api key fine.

https://ssl.reddit.com/api/v1/authorize?response_type=account&client_id=API_KEY&redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2Fusers%2Fauth%2Freddit%2Fcallback&scope=identity

However the response I get is:

forbidden (reddit.com)

you are not allowed to do that
— invalid redirect_uri parameter.

I've tried setting the redirect_uri to 127.0.0.1:3000 as well as hosted url(heroku), but to no avail.

So now I don't understand if I'm still just giving them the wrong URL or passing a parameter that shouldn't be there.

Thanks for any help!

Answer 1

OAuth servers (almost always) require that you register the callback address with them. Have you done that? They check that what you send in the redirect_uri matches what you entered. In Reddit:

Just tested it. You have to enter the exact callback URL:

http://127.0.0.1:3000/users/auth/reddit/callback

If you miss one segment, it will report that error.