This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Help

OAuth 2.0: Incorrect Authorization Flow

Topic Labels: API
2899 10
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
ashtontito
5 - Automation Enthusiast
5 - Automation Enthusiast
See Solution in Thread

‎Dec 14, 2022 01:51 PM

Reproduction Steps:

  1. Generate the https://airtable.com/oauth2/v1/authorize endpoint with the expected query string parameters specified in the authorization reference
  2. Open an incognito browser window (In my case I used Google Chrome 64-bit Version 87.0.4280.141 on Windows) and paste the link in step 1.
  3. You are taken to a login prompt as expected
    ashtontito_0-1671053889800.png
  4. Enter your email, and you are then moved to a "Verify it's you" security prompt, complete the actionsashtontito_1-1671053998155.png

     

  5. You are then taken back to the login prompt where you can enter your passwordashtontito_2-1671054099391.png
  6. After entering your password, you are then redirected to the home page of the account you logged intoashtontito_3-1671054203463.png

     

  7. In order to continue with the authorization workflow, you have to re-enter the authorization URL generated in Step 1 into the same browser window session, which then takes you to the page to verify/accept scopes and access of your OAuth 2.0 applicationashtontito_4-1671054347391.png

     

  8. Then you are redirected back to the specified redirect URI where you can complete the flow required to get an access token.

Expected

In Step 6, you should immediately be sent to the page that asks you to verify/accept scopes of your OAuth 2.0 application, instead of just taking the user to the home page of their Airtable account. The current behaviour causes problems for implementations/consumers of Airtable OAuth 2.0 that expect to be able to complete the authorization flow by only initiating the request in Step 1 once.

Reply
10 Replies 10
adenitiree
4 - Data Explorer
4 - Data Explorer
See Solution in Thread

‎Jun 05, 2023 07:34 AM

@Emma_Yeap Was testing Airtable API by following the instruction provided inside the documentation.However, while performing oAuth2, I always encounter this error This third-party app failed to properly construct a request to Airtable: failed to include a redirect_uri in the request 

I still got the same error despite including the redirect URL along with the request.

0 Kudos
Reply
Copyright © 2024 Khoros, LLC