Error: invalid_request Mismatching redirect URI

257 views
Skip to first unread message

Paul Jurczyk

unread,
Sep 30, 2021, 9:46:10 PM9/30/21
to Developer Group for CMS Blue Button API
Hello!

Could use some help... not sure why I am receiving this error: Error: invalid_request Mismatching redirect URI.

The Callback URI is the same in the app as it is when I pass it to OAuth:


The endpoint accepts POST. Maybe the error message is misleading and something else is incorrect?

Any advice would be much appreciated!

Muhammad hanif

unread,
Oct 5, 2021, 2:41:10 AM10/5/21
to Developer Group for CMS Blue Button API
what are the parameter you are passing to request?

Muhammad hanif

unread,
Oct 5, 2021, 2:43:14 AM10/5/21
to Developer Group for CMS Blue Button API
Following prams should be passed if you are trying to get access token
client_secret, client_id, redirect_uri,grant_type,code(the one received from authorize request).

Paul Jurczyk

unread,
Oct 5, 2021, 3:37:50 PM10/5/21
to Developer Group for CMS Blue Button API
Hello Muhammad,

Thanks for responding.

I believe I'm at the step where I need to first receive the code before requesting an access token. Or Rather, I believe I have the those 2 steps in one step, sort of like when using Postman. This actually does work in Postman, but does not work via Flask application.

I am using Flask-Dance to help with the OAuth process. In case you are not familiar, it works by creating API blueprints and endpoints that help with the OAuth2 process.

What I have in my code:

# Blue Button CMS OAuth2
blue_button_cms_blueprint = OAuth2ConsumerBlueprint(
    "blue_button_cms",
    _app.config.get("BLUE_BUTTON_APP_NAME"),
    client_id=_app.config.get("BLUE_BUTTON_CLIENT_ID"),
    client_secret=_app.config.get("BLUE_BUTTON_CLIENT_SECRET"),
    scope=_app.config.get("BLUE_BUTTON_SCOPE"),
    authorization_url=_app.config.get("BLUE_BUTTON_AUTH_URL"),
    redirect_url=_app.config.get("BLUE_BUTTON_REDIRECT_URL"),
    token_url=_app.config.get("BLUE_BUTTON_TOKEN_URL"),
    authorization_url_params={
        "grant_type": "authorization-code",
    }
)

This seems to work in as far as redirecting the user to the login page:


Screenshot from 2021-10-05 14-58-41.png
However, once I enter credentials (BBUser00001, PW00001!), I get redirected to this page rather than the page that confirms data access:


Screenshot from 2021-10-05 14-59-58.png

I saw this issue before when testing via Postman, but it was due to the URLs not matching (in the app dashboard and in Postman). Once I fixed that and made sure they matched when testing locally, it worked just fine. In this case, on the other hand, I made sure the URLs do match, yet I get the same error.

Here's what I have in Postman that does work:


Screenshot from 2021-10-05 15-35-45.png


Any thoughts? Maybe it's an issue with Flask-Dance somehow?
Reply all
Reply to author
Forward
0 new messages