187

Beginner programmer here, please pardon ignorance & explanations will be really nice :)

I've tried to read the tutorials for a certain OAuth 2.0 service, but I don't understand this redirect URI... in my particular context, let's say I'm trying to build an iPhone app that uses OAuth 2.0 for some service. I have an App ID that was generated, but i need to provide some sort of redirect URI to generate the API key.

Is this a URL that I'm supposed to host somewhere myself?? As the name suggests, I would think that the redirect URL is supposed to "redirect" someone somewhere. My only guess is that it's the URL a user is redirected to after they log in to the service.

However, even if that assumption is correct, I don't understand one other thing - how can my app be opened again after I've sent them to the browser for the user login?

Andrew Brēza
  • 5,779
  • 2
  • 30
  • 39
David T.
  • 18,561
  • 18
  • 61
  • 115

4 Answers4

196

Read this:

http://www.quora.com/OAuth-2-0/How-does-OAuth-2-0-work

or an even simpler but quick explanation:

http://agileanswer.blogspot.se/2012/08/oauth-20-for-my-ninth-grader.html

The redirect URI is the callback entry point of the app. Think about how OAuth for Facebook works - after end user accepts permissions, "something" has to be called by Facebook to get back to the app, and that "something" is the redirect URI. Furthermore, the redirect URI should be different than the initial entry point of the app.

The other key point to this puzzle is that you could launch your app from a URL given to a webview. To do this, i simply followed the guide on here:

http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html

and

http://inchoo.net/mobile-development/iphone-development/launching-application-via-url-scheme/

note: on those last 2 links, "http://" works in opening mobile safari but "tel://" doesn't work in simulator

in the first app, I call 

[[UIApplication sharedApplication] openURL:[NSURL URLWithString:@"secondApp://"]];

In my second app, I register "secondApp" (and NOT "secondApp://") as the name of URL Scheme, with my company as the URL identifier.

Halalbin
  • 95
  • 11
David T.
  • 18,561
  • 18
  • 61
  • 115
  • 1
    So, you do need to set up your own web site given in the redirect_uri, is that correct? – huggie Sep 01 '14 at 05:07
  • 1
    @huggie in the context of iOS apps - no, fortunately, you don't need your own website. you just need to realize that your iOS app can be opened from a URL given to the web browser. read: http://iosdevelopertips.com/cocoa/launching-your-own-application-via-a-custom-url-scheme.html – David T. Sep 03 '14 at 00:14
  • and why doesnt secondApp:// doesn't work as URL? I ran into same error, and realized that :// doesn't work, but haven't figured out the why yet – Nazerke Apr 01 '15 at 06:29
  • 1
    @Nazerke it probably adds that "://" for you already. so you only need to scheme name – David T. Apr 01 '15 at 19:11
  • @Atieh i didn't. but similar concept applies. you can register your app to parse & accept a custom URL scheme, and route that directly to an Activity which accepts that custom intent. – David T. May 11 '15 at 22:44
  • 1
    someone pls fix this answer -- http://architecture-soa-bpm-eai.blogspot.com.br/2012/08/oauth-20-for-my-ninth-grader.html does not exist anymore – Leo Mar 11 '16 at 21:28
  • I am implementing oAuth server. Im stuck at the point at which I have to close my dialogue and send the client to redirect URI. Any help would be much appreciated. – Muneeb Zulfiqar May 15 '16 at 13:48
  • 2
    Hi @DavidT. great answer. They only concern, and hope you can save me, is how to configure schemes for URI's that are forced to use `http://`, such as `[YouTube, Instagram, LinkedIn]` ? I tried to register for example `http://localhost/oauth2callback` redirect, and the scheme http, localhost, or oauth2callback but non of them work – Tal Zion Nov 15 '16 at 09:50
  • @TalZion you should probably ask that as a separate question so that you can provide more details and more people can look at it. but basically, those HTTP ones are given by the system typically. see: https://developer.apple.com/library/content/documentation/iPhone/Conceptual/iPhoneOSProgrammingGuide/Inter-AppCommunication/Inter-AppCommunication.html – David T. Nov 16 '16 at 01:05
9

redirected uri is the location where the user will be redirected after successfully login to your app. for example to get access token for your app in facebook you need to subimt redirected uri which is nothing only the app Domain that your provide when you create your facebook app.

Dhirender Tyagi
  • 305
  • 1
  • 3
  • 10
9

Take a look at OAuth 2.0 playground.You will get an overview of the protocol.It is basically an environment(like any app) that shows you the steps involved in the protocol.

https://developers.google.com/oauthplayground/

Reckoner
  • 889
  • 1
  • 10
  • 24
2

If you are using Facebook SDK, you don't need to bother yourself to enter anything for redirect URI on the app management page of facebook. Just setup a URL scheme for your iOS app. The URL scheme of your app should be a value "fbxxxxxxxxxxx" where xxxxxxxxxxx is your app id as identified on facebook. To setup URL scheme for your iOS app, go to info tab of your app settings and add URL Type.

Dániel Nagy
  • 10,907
  • 7
  • 44
  • 56
Kunal Khanna
  • 551
  • 6
  • 6