Is there a way to change the redirect uri rather than using http:127.0.0.1:4446/callback


#1

Hi all,
Is there a way to change my redirect uri to some other url???
And when I used the original redirect uri (http:127.0.0.1:4446/callback) I am able to see the access token, refresh token and id token in the UI. Can I hide those token from not displaying the UI page so that it is not visible to the user.

Thanks in advance


#2

Not sure why are you trying to hide the tokens and why do you care. If your application (browser-based) gets the tokens, it will use them. The user will be able to see these tokens anyway with a simple plug-in or using the developer tools. These tokens are not confidential and they belong to the user who is accessing the browser.

If you want to really separate the token acquisition phase, use the authorization code instead.


#3

Of course you can change the redirect url - otherwise OAuth2 wouldn’t work


#4

Hi ngrigoriev,
I know that the user can see the token with plugin’s or developer tools, but i think it is not apporpriate to show the token’s in the web page for the user’s when they login it is my point of view on this. Is it possible to do so ???

Thanks
Kishan R


#5

Hi arekkas,
Can you tell how to do that like an example I tried to change my the callback url and I got this error
The "redirect_uri" parameter does not match any of the OAuth 2.0 Client's pre-registered redirect urls. I know that I should not change the callback url but I just gave it anyway.

Thanks
Kishan R


#6

Also is there a way to store my access token, refresh token in a database. As the callback url is http:127.0.0.1:4446/callback which is begin generated from docker the access token are been shown in the UI page so is there a way to store them so that i can use them for authenticate purpose for API’s. As the access token which i am getting is in html content i need to change it to json.

Thanks
Kishan R