Desktop applications only support the oauth_callback value 'oob'/oauth/request_token


My application was set as a web app, or at least that’s what I meant… I’m trying to check that but I can’t find it. Can I change it after creating the app?
Is that why I’m getting that (subject) error message while requesting the access token?



Hi @sebagomez,

The new interface simplifies this: if you provide a placeholder callback URL in the field for it in your application detail screen, it allows you to use dynamic callbacks. So just go ahead and put a placeholder in there (doesn’t have to be the actual dynamic/runtime callback you use) and you’ll be able to use other forms of auth.

When no placeholder is presented, the application is locked to OOB mode.


it worked!


I’m getting this error for android app !
Is my consumer secret incorrect or something?
Would xauth work?


If you’re getting this error, it means that you haven’t configured your application to accept dynamic URL-based callbacks. You can enable this behavior by providing a placeholder callback URL on your application detail edit screen.


how to put place holder in website… :frowning:


thanks but the application settings description was not clear about this


“OAuth 1.0a applications should explicitly specify their oauth_callback URL on the request token step, regardless of the value given here. To restrict your application from using callbacks, leave this field blank.”


we just need to fill the "Callback URL: " input box in the settings. then things will work fine :).


@episod thanks


I’m getting this error two with my client, I understand now that I to change the Callback URL in my application, but can anyone show me a sample input? or can I give it any value?
Note: I want to use oauth_callback header in my application.


What I can understand the error message is that my application is a Desktop application. I need to change it type to web application. But how? I don’t see anything on my application settings that allows me to change my application type (just type of access)


Provide a callback URL in the field that asks for one in your application record – it doesn’t have to be the callback URL actually used in the auth sequence, but until a value is in that field your API key will be “protected” from callback usage.


Thank you so much. I just put a random URL in my app settings and it works perfectly now.


Placeholder in the callback url worked for me too! Thanks!


Workerd join!


thanks @episod


Problem solved, thanks.
But, what is the ‘call_back URL’ used for? Since it can be any legal URL


You are awesome. Thanks!


Is not a simplification if you got a put a fake callback url (or placeholder) just so it accepts dynamic callbacks. They could do a better job explaining this.