redirect_uri issue in REST based oAuth2 request

0
votes

I am getting this in response

The redirect URI in the request, urn:ietf:wg:oauth:2.0:oob:auto, can only be used by a Client ID for native application. It is not allowed for the 'WEB' client type. You can create a Client ID for native application at https://console.developers.google.com/apis/credentials/oauthclient

for:

https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/webmasters&client_id=____.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&approval_prompt=force&access_type=offline

from my WordPress dashboard.

Searched a lot and tried variations but can't resolve the idea of native app vs web app. Can someone please provide me some clue?

1
wordpressoauth

1 Answers

1
votes

I'm not sure this information is helpful, but what I can say is that the difference between native applications and web applications is mentioned in "2. Client Metadata" of OpenID Connect Dynamic Client Registration 1.0 as follows:

application_type

OPTIONAL. Kind of the application. The default, if omitted, is web. The defined values are native or web. Web Clients using the OAuth Implicit Grant Type MUST only register URLs using the https scheme as redirect_uris; they MUST NOT use localhost as the hostname. Native Clients MUST only register redirect_uris using custom URI schemes or URLs using the http: scheme with localhost as the hostname. Authorization Servers MAY place additional constraints on Native Clients. Authorization Servers MAY reject Redirection URI values using the http scheme, other than the localhost case for Native Clients. The Authorization Server MUST verify that all the registered redirect_uris conform to these constraints. This prevents sharing a Client ID across different types of Clients.

Also, see "9. Native Applications" in RFC 6749.

I recommend you to ask Google about how to specify the application type of your client application.