Discussions

Discussions

Ask a Question
Back to All

Correctly specifying a Redirect URI

10 days ago by Rico Kogleck(edited)

From what I understand, there are to ways to obtain the authorization code to get an access token:

  • Specify a redirect URI, to which Candis will redirect the user after they granted access to the client application, and extract the code from the passed query parameter there.
  • Manually copy-paste the code displayed in the browser after the user granted access to the client application.

What the documentation tells us about the first option:

https://developer.candis.io/docs/how-to-authenticate


While trying out the first option, I ran into an error:

Apparently, my URI is deemed unworthy.

Following redirect_uri works:
https://my.candis.io/authentication_code


Is there some restriction on which URIs can be use? It is not supposed to just be the Candis Homepage, right?


Also, I wondered if the fact that I have to specify the same redirect_uri for both endpoints is just a security precaution, or if there is some other reason behind it.

Get Authorization code endpoint:

https://developer.candis.io/reference/get-authentication-code


Create or refresh access token endpoint:

https://developer.candis.io/reference/post_token

redirect url