Start a new topic
Answered

"Other" Oauth2 Provider

I feel like I might be missing simple in the auth flow using a custom provider.


I'm trying to authenticate against my own service, but I'm not sure what to set as the "redirect_uri" parameter in the LaMetric developer dashboard. If I understand Oauth2 correctly, on a mobile app this is supposed to be something that the app responds to like "lametric://auth_response" or something like that. Passing in a public URL (like "http://azazaz.com/" in the GitHub example) just redirects the login frame to that URL.


In my service (on the client, using JS), after successful authentication I'm redirecting the browser to <redirect_uri>+#state=<state>&token_type=Bearer&access_token=<token>. Is that not the correct flow?


Best Answer

Hey snyper7,


Let me explain. Redirect URI actually can be any URI but should meet single rule. It must be the same on your service (when registering app for client id and client secret) and in your LaMetric app configuration. That is how our mobile client knows when redirection occurs and gets access/refresh tokens. We often use http://lametric.com/redirect as redirect URI. It should work for you as well.


Another important thing is that you should always request offline access (depends on OAuth2 provider). If offline access is not requested - no refresh token will be given. This means that app will stop refreshing data in two hours or so. 


Hope this helps.

1 Comment

Answer

Hey snyper7,


Let me explain. Redirect URI actually can be any URI but should meet single rule. It must be the same on your service (when registering app for client id and client secret) and in your LaMetric app configuration. That is how our mobile client knows when redirection occurs and gets access/refresh tokens. We often use http://lametric.com/redirect as redirect URI. It should work for you as well.


Another important thing is that you should always request offline access (depends on OAuth2 provider). If offline access is not requested - no refresh token will be given. This means that app will stop refreshing data in two hours or so. 


Hope this helps.

Login or Signup to post a comment