Adding subdomain to OAuth valid redirect urls

[assaf]

Hi,

We have a developer token with enabled Adwords API. Recently we decided to allow customers to authorize using the OAuth protocol. It's working fine when in the redirect_uri we specify is http://ourdomain.com or http://localhost, but fails on http://app.ourdomain.com

400. That’s an error.

Error: redirect_uri_mismatch

A native application: xxx

You can email the developer of this application at: yyy

Request Details

• access_type=offline
• approval_prompt=force
• hl=en
• scope=https://www.googleapis.com/auth/adwords
• response_type=code
• redirect_uri=http://app.ourdomain.com
• client_id=zzz
  

That’s all we know.

As far as we understand this uri (subdomain) should be authorized somewhere in the Developers Console, but we don't see this option. Just for test purposes we created a new Client of type Web Application and it indeed has a section called Authorized redirect URIs, but it's missing in the our original Client which is of type Other.

How can we solve this while preserving all the permissions we have in the original client? Should we migrate it from Other to Web application?

Thanks

[Josh Radcliff (AdWords API Team)]

Hi,

The flow you described sounds like a Web application flow to me, rather than an Other/Native application flow. The Web flow will allow you to enter multiple redirect URIs, as you noted.

I'd recommend switching over to the Web application client ID and secret, then adding all required redirect URIs to that application.

Cheers,

Josh, AdWords API Team

[assaf]

Thanks, we did it and seems to work. I thought that adding a new client will require to pass the approval process for developer token again.