PhilippeM

Oauth 2 redirect uri with custom parameters

Hi there,

After a few hours trying to make it work, I find myself stuck and need your advice. I'm trying to implement the OAuth2 workflow for our app, but I'm stuck with the redirect_uri...

We have 2 issues here:

1 - Our redirect URI looks like the following:

https://domain.com/rest/<user_id>/user/connect/salesforce?at=<credentials>

where user_id is the id of the current user (obvious) and at=<credentials> is mandatory because our endpoint is secured and the call will fail without this value.

The problem here is that the redirect URI is different from one user to another because it contains the user_id.

So I managed to change the previous URL into

https://domain.com/rest/~/user/connect/salesforce?at=<credentials>&user_id=<user_id>

in order to make the URI the same for all users and be able to configure the application OAuth callback.

2 - The second problem is that after the user has authorized our application, Salesforce redirects them to the specified redirect URI... but it has removed the query string parameters at and user_id... so we got stuck because our endpoint fails because the at param is missing and we're unable to determine who the current user is without the user_id param.

Any idea?

I saw that people usually use the state parameter to pass data across the steps, but I'm not a big fan. Why do you remove the query string parameters from the redirect URI instead of just adding yours?

Regards,

Philippe

Ashish_SFDC
Hi Philippe, 


In a user agent flow, the redirect_uri is the location that the user gets redirected to after they click Approve on the approval page. Appended onto the redirect_uri are a hash fragment, and then the access_token, instance_url, and other oauth parameters.

See the below links, 

http://stackoverflow.com/questions/10608312/oauth2-why-do-we-need-redirect-uri-for-user-agent

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com


Regards,
Ashish
Asif Ali M
Philippe,

That is exactly where you need to use the 'state' param. Use this param to pass any number of params (urlencoded and of course based on GET limits) that you want to maintain your user state, and when the user comes back to the redirect URL, read the 'state' value from GET and do the redirection or whatever you want.

Please find out more about state here.
https://help.salesforce.com/articleView?id=remoteaccess_oauth_web_server_flow.htm&language=en&type=0
https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
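
An added example, not part of any post in this thread: the `state` approach from the last reply, with the per-user value signed so the callback can reject a `state` that was altered or is too old, while the registered callback URL stays identical for every user. The HMAC key, the ten-minute lifetime, the `response_type=code` flow, the authorize endpoint and all function names are assumptions of the example; only `user_id` is carried, and the `at` credential is left out of the URL.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed values: the key, lifetime and response_type are assumptions of this example.
STATE_KEY = secrets.token_bytes(32)   # stays on the server, never sent to the browser
MAX_AGE = 600                         # seconds a state value is accepted
REDIRECT_URI = "https://domain.com/rest/~/user/connect/salesforce"  # fixed, no query string
AUTHORIZE_URL = "https://login.salesforce.com/services/oauth2/authorize"

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_state(user_id, now=None):
    """Serialize the per-user data and append an HMAC tag so the callback can trust it."""
    claims = {"uid": user_id, "iat": int(now or time.time()), "nonce": secrets.token_hex(8)}
    payload = json.dumps(claims).encode()
    return b64(payload) + "." + b64(hmac.new(STATE_KEY, payload, hashlib.sha256).digest())

def read_state(state, now=None):
    """Return the user id carried in state; raise ValueError if forged, malformed or stale."""
    body, _, tag = state.partition(".")
    payload = unb64(body)
    expected = hmac.new(STATE_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(unb64(tag), expected):
        raise ValueError("state signature mismatch")
    claims = json.loads(payload)
    if (now or time.time()) - claims["iat"] > MAX_AGE:
        raise ValueError("state expired")
    return claims["uid"]

def authorize_url(client_id, user_id):
    """Every user gets the same redirect_uri; only state differs."""
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": REDIRECT_URI, "state": make_state(user_id)})
    return AUTHORIZE_URL + "?" + query

def handle_callback(callback_url):
    """Recover (user_id, code) from the URL the user is redirected back to."""
    params = parse_qs(urlparse(callback_url).query)
    user_id = read_state(params.get("state", [""])[0])   # verify before using anything else
    return user_id, params.get("code", [None])[0]
```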