Unable to add the Authorized redirect URIs [385114300]

Assigned

Bug

Status Update

No update yet.

Description

al...@google.com

created issue #1

Dec 19, 2024 02:45PM

Problem you have encountered:
- Unable to add the Authorized redirect URIs and getting the error message [1].
- This issue usually happens when the authorization request does not match an authorized redirect URI for the OAuth client ID as per the documentation [2]. Because of this, I’ve been analyzing the endpoint of the request, to check if it matches with the Authorized Redirect URI added in your project.
- We have tried to add the URI in both Authorized JavaScript origins and Authorized redirect URIs. After trying to add it, getting errors as need .com or .org can you help me in adding this URI.
- As per documentation [3], the suffix name .corp which we are using is not in the list of public suffix list.

Any other domain is not accepted and it throws a validation error which blocks from creating the client ID. Note that most enterprise applications (which are valid javascript origins) are hosted internally within their network and their domain is usually ".corp". Hence improve the validation on "Authorised Javascript origin" text field to accept urls ending with ".corp" as valid entry.

What you expected to happen:
URLs ending with ".corp" are allowed as authorized javascript origins.

Steps to reproduce:
1. Go to

https://console.cloud.google.com/apis/credentials/oauthclient or APIs & Services > Credentials > + Create credential > oAuth client ID
2. Select Web application as Application Type
3. Click "Add URI" under "Authorised JavaScript origins"
4. Enter a URL ending in .corp e.g "

https://internal-app.mycompany.corp"
5. The "Create" button is not enabled to create the credential.

Other information (workarounds you have tried, documentation consulted, etc): There is one public issue tracker #179172843.

[1]: 400 redirect uri mismatch could you please assist as is
am unable to add (

https://xxxxxxxxxxxxx.corp/) in
Authorized redirect URIs
[2]:

https://developers.google.com/identity/protocols/oauth2/web-server#authorization-errors-redirect-uri-mismatch
[3]:

https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow#origin-validation

Comments

va...@google.com <va...@google.com> Dec 20, 2024 07:07AM

Assigned to du...@google.com.

ar...@airbus.com <ar...@airbus.com> #2Dec 20, 2024 08:19AM

I have forwarded this request to the engineering team. We will update this issue with any progress updates and a resolution.

Best Regards,
Josh Moyer
Google Cloud Platform Support

du...@google.com <du...@google.com> #3Dec 23, 2024 02:12PM

Reassigned to gc...@google.com.

This is not only useful for IP addresses, but also for many other resources. I understand that names are currently used as identifiers, so this request is probably not trivial to implement. Maybe distinguishing between a (numeric, automatically generated) identifier and a (textual) label is the way to go?

Issue 385114300

Description

Issue summary

Comments

va...@google.com <va...@google.com> Dec 20, 2024 07:07AM

ar...@airbus.com <ar...@airbus.com> #2Dec 20, 2024 08:19AM

du...@google.com <du...@google.com> #3Dec 23, 2024 02:12PM

Add comment

Issue metadata