authentication – Google OAuth 2 authorization – Error: redirect_uri_mismatch

authentication – Google OAuth 2 authorization – Error: redirect_uri_mismatch

The redirect URI (where the response is returned to) has to be registered in the APIs console, and the error is indicating that you havent done that, or havent done it correctly.

Go to the console for your project and look under API Access. You should see your client ID & client secret there, along with a list of redirect URIs. If the URI you want isnt listed, click edit settings and add the URI to the list.

EDIT: (From a highly rated comment below) Note that updating the google api console and that change being present can take some time. Generally only a few minutes but sometimes it seems longer.

In my case it was www and non-www URL. Actual site had www URL and the Authorized Redirect URIs in Google Developer Console had non-www URL. Hence, there was mismatch in redirect URI. I solved it by updating Authorized Redirect URIs in Google Developer Console to www URL.

Other common URI mismatch are:

  • Using http:// in Authorized Redirect URIs and https:// as actual URL, or vice-versa
  • Using trailing slash (http://example.com/) in Authorized Redirect URIs and not using trailing slash (http://example.com) as actual URL, or vice-versa

Here are the step-by-step screenshots of Google Developer Console so that it would be helpful for those who are getting it difficult to locate the developer console page to update redirect URIs.

  1. Go to https://console.developers.google.com

  2. Select your Project

Select

  1. Click on the menu icon

Click

  1. Click on API Manager menu

Select

  1. Click on Credentials menu. And under OAuth 2.0 Client IDs, you will find your client name. In my case, it is Web Client 1. Click on it and a popup will appear where you can edit Authorized Javascript Origin and Authorized redirect URIs.

Select

Note: The Authorized URI includes all localhost links by default, and any live version needs to include the full path, not just the domain, e.g. https://example.com/path/to/oauth/url

Here is a Google article on creating project and client ID.

authentication – Google OAuth 2 authorization – Error: redirect_uri_mismatch

If youre using Google+ javascript button, then you have to use postmessage instead of the actual URI. It took me almost the whole day to figure this out since Googles docs do not clearly state it for some reason.

Leave a Reply

Your email address will not be published.