Google OAuth2 integration Error 400: redirect_uri_mismatch

3

7

I'm getting this error Error 400: redirect_uri_mismatch even after giving the proper redirect URI. You can check the images below for reference. It works for my localhost but it shows this error for my server. My domain looks like https://xxx.topLevelDomain.com. I'm not able to find the possible cause of this issue after surfing most of the issues related to this error. Although I guess the issue may be because I'm using a subdomain here, I'm still not sure if it's the issue.

Application info:

  • frontend is in React hosted on https://someTopLevelDomain.com
  • backend is in Spring Boot hosted on https://someSubdomain.someTopLevelDomain.com


Crescen answered 6/9, 2021 at 9:14 Comment(0)
18

Your application is sending as http to a .com domain.

In Google developer console you have only one http domain listed, and that is localhost.

The redirect URI you are sending from must exactly match one that you have added in Google Cloud Console.

To understand how to set up your redirect uri properly check Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.

Where is the redirect URI coming from

Depending upon the programming language, the IDE and the client library you may be using will define what redirect URI your application is calling from.

For example, I know that Visual Studio likes to add random ports with C#. I can't tell you what is generating your redirect URI; I can only tell you that

The following needs to be added to your Google Cloud Console.

http://________.com/login/oauth2/code/Google   

or you need to figure out what is setting the host on your requests and set it to use https so that you can use the one that you have there now

https://________.com/login/oauth2/code/Google   
Manis answered 6/9, 2021 at 11:32 Comment(5)
I have an https and an http domain added in the redirect_uri, the http one being the localhost, which works as intended, the https one being the subdomain one, which is not working. I don't understand why it shows http in the Google warning when my app is on https. - Crescen
Yes, but your application appears to be sending from http ://________.com/login/oauth2/code/Google, which means you need to add http ://________.com/login/oauth2/code/Google. Right now you have only https ://________.com/login/oauth2/code/Google added. Your application, your IDE or the client library you are using is generating the redirect URI. You just need to add whatever it's telling you that you are using as a redirect URI in Google developer console. (Note: had to add a space before the : or SO wouldn't render the string.) - Manis
Got it. Thanks a lot. - Crescen
@DaImTo you can't use an http scheme for a Google OAuth that's "in production". - Banta
That is correct. You can't use localhost either, and it has to be a domain that you have registered. - Manis
1

The problem is at the line flow.run_local_server(port=0) of the quickstart.py file.

When port=0, the operating system will dynamically assign an available port number, which is useful in cases where the default port is already in use by another process. So you need to change this to say for example flow.run_local_server(port=8000) and register in the credentials page.

I just quoted the answer from here: https://mcmap.net/q/1476215/-google-oauth-2-0-redirect_uri_mismatch-port-changed-on-callback

Utoaztecan answered 22/8, 2023 at 21:25 Comment(0)
0

Change https to http

Authorized redirect URIs

http://someTopLevelDomain.com/api/auth/google/callback
Stodge answered 18/3, 2023 at 0:12 Comment(0)
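
Added example, not code from any of the answers above: a small Python check for the two causes the answers name, an http scheme where https is registered and a callback port that changes between runs. It pulls the redirect_uri out of the authorization request the application actually sends and reports which URL component differs from the closest registered entry. The domain, client id and registered list are constructed sample values.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample data (not from the page): registered URIs and a captured request.
REGISTERED = [
    "http://localhost:8000/",
    "https://api.example.com/login/oauth2/code/google",
]
AUTH_URL = (
    "https://accounts.google.com/o/oauth2/v2/auth?response_type=code"
    "&client_id=CONSTRUCTED_CLIENT_ID&scope=openid"
    "&redirect_uri=http%3A%2F%2Fapi.example.com%2Flogin%2Foauth2%2Fcode%2Fgoogle"
)

def sent_redirect_uri(authorization_url):
    """Extract the redirect_uri the client actually put in the authorization request."""
    values = parse_qs(urlsplit(authorization_url).query).get("redirect_uri")
    if not values:
        raise ValueError("no redirect_uri parameter in authorization URL")
    return values[0]

def differing_parts(sent, candidate):
    """Name the URL components in which `sent` differs from one registered URI."""
    s, c = urlsplit(sent), urlsplit(candidate)
    parts = [name for name in ("scheme", "hostname", "port", "path", "query")
             if getattr(s, name) != getattr(c, name)]
    # Same parsed components but different strings, e.g. letter case in the host.
    return parts or (["spelling"] if sent != candidate else [])

def diagnose(sent, registered):
    """Return None on an exact match, else (closest registered URI, differing parts)."""
    if sent in registered:
        return None
    return min(((uri, differing_parts(sent, uri)) for uri in registered),
               key=lambda pair: len(pair[1]), default=(None, []))

if __name__ == "__main__":
    # Second input models a dynamically assigned local port (constructed value).
    for sent in (sent_redirect_uri(AUTH_URL), "http://localhost:53187/"):
        print(sent, "->", diagnose(sent, REGISTERED))
```

Copy the authorization URL from the browser address bar on the error page or from the application's redirect response, and paste the list from the credentials page into REGISTERED.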
