OAuth callback URL lockdown

oauth

#22

Hi @robertc Wildcards/patterns at the domain level are not permitted, but querystrings / parameters are possible.


#23

I mean if my consumer key is t6qguwxwIKCj7aCtBKcNqxxxx, the URL will be twitterKey-t6qguwxwIKCj7aCtBKcNqxxxx://. I add no wildcard URL into Callback URLs.


#24

I mean if my consumer key is t6qguwxwIKCj7aCtBKcNqxxxx, the URL will be twitterKey-t6qguwxwIKCj7aCtBKcNqxxxx://. I add no wildcard URL into Callback URLs.


#25

Hi @happycamper
We have an international site available across 30 domains and they each have a desktop and mobile URL for live, QA and development so it adds up to many URLs - we are not too worried about QA and dev for the moment but getting more than 10 callbacks on one app would be very helpful.
Thanks


#26

While I agree adding more than 10 urls would be good, given that your websites are currently broken and don’t want to wait for all this to happen, it can be solved with few minutes of coding…
Just have one domain as your auth callback and pass the domain you want to redirect to as a parameter, then dispatch the twitter response to the appropriate domain based on that parameter.


#27

Yes, that is the long term solution, deploying the solution to all of the domains will be the time consuming part of the project more than the coding I think.