Application OAuth callback URL can't be whitelisted

chockenberry · 2018-05-21T18:19:26.384Z

In preparation for the callback URL whitelisting, I went to our app settings page and tried to add this callback URL:

twitterrific://authenticate

The page reports:

“The client application failed validation: Not a valid callback URL format.”

This is a valid URL and the scheme is registered on both iOS and macOS. I’m guessing that there is an assumption that callbacks will always be http: or https:.

A registered URL scheme is the only way to get the verified OAuth tokens back to an app, so this validation check needs to be updated.

-ch

andypiper · 2018-05-22T14:06:53.582Z

Double-checked here, and it turns out that for a mobile app with an app-specific callback like this, you would just use the protocol i.e. twitterrific://

sabithaxavier · 2018-06-28T07:05:50.363Z

Hw to whitelist our callb ack URL?

jamesreggio · 2018-07-02T20:15:33.219Z

This really needs to be put into the docs (and/or into the error message itself). This is not self-evident in any way, given that the web callback whitelist requires a full scheme + hostname + path.

LeBraat · 2018-07-02T21:26:07.022Z

Noted. Thank you for the suggestion @jamesreggio. We will make sure to adjust the docs accordingly.

LeBraat · 2018-07-02T21:26:16.158Z