Non-standard domain suffix not working for callback URL

[Sid]

Hi,

My dev and staging environments have the following suffixes:

.local
.internal

When I enter a callback URL in the "Authorize these OAuth 2.0 redirect
URIs" window (dev.blablabla.local/picasa/callback.php) I get the
following message:

* OAuth 2 redirect URL "dev.blablabla.local" is invalid.

Seems like it only accepts *.com URLs. Is there anyway you can allow
non *.com suffixes?

Thanks,
Sid

[wanghq]

No others get this problem?

What's interesting is that some other domain extensions are allowed, like example.us, example.me.

[Benjamin Carl Wiley Sittler]

At present only domain names which are widely supported can be registered with Google for use by OAuth 2 web applications. The examples you gave (".us" and ".me") are country-code top-level domains for the United States of America and Montenegro, respectively. As a special case, localhost also may work well enough to allow local testing by web application developers.

OAuth 2 native and installed applications can also use localhost redirects, and can also use non-redirect methods to get OAuth flow results.

In general, domain names which do not have well-understood meanings can't work for regular web applications (where the Google OAuth 2 implementation supports "auto-approval" when a previous equivalent request was authorized) since the authorization server does not know whether the same name likely refers to a host for the same application for the same user using two different browsers, or even using the same browser at two different times.

--
You received this message because you are subscribed to the Google Groups "oauth2-dev" group.
To view this discussion on the web visit https://groups.google.com/d/msg/oauth2-dev/-/btBi54f6RwcJ.
To post to this group, send email to oauth...@googlegroups.com.
To unsubscribe from this group, send email to oauth2-dev+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/oauth2-dev?hl=en.