API Redirect URI Mismatch


(Sam) #1

New to the Monzo API and trying to set up a webhook on my server, part of the webhook requires moving money to/from pots, so authentication needs to happen at various stages. So I’ve set up a process to authenticate a user, the Monzo email gets sent successfully, and when the link in the email is clicked, my server can process the authentication code. Now the next step is exchanging the code for an access token, here is where it fails. I create a http request as outlined in the Monzo API docs, with the redirect_uri being the same as the one that is used for the user authentication step (I have registered this URI as a Redirect URI in the Client settings on the Monzo developer portal). When I send this request, monzo responds with:

{"code":"bad_request.bad_authorization_code.redirect_uri_mismatch","error":"invalid_request","error_description":"Invalid redirect URI","message":"Invalid redirect URI"}

My http request is formatted as follows (using Python and the requests module):

url = https://api.monzo.com/oauth2/token
form = {
    "grant_type": "authorization_code",
    "client_id": global_client_id,
    "client_secret": global_client_secret,
    "redirect_uri": global_redirect_uri,
    "code": code
}
requests.post(url, data=form)

Anyone know why monzo won’t accept the redirect_uri? The URI is accepted when given as the redirect uri for the email authentication stage…


(jamesgillard) #2

@sammyspills Did you ever work out what had caused this? I’m currently facing the same issue. This is when testing locally using a redirect service like lvh.me or tolocalhost.com, as well as when directly redirecting to localhost.


#3

Are you able to write the URLs to a log just so you can check the URLs are identical and not double urlencoded
or something somehow?

All I can really do is confirm it does work :neutral_face:


(jamesgillard) #4

I just came back to this without having changed any code, and it worked first time. Maybe a delay in the Redirect URLs field at https://developers.monzo.com/apps/ being propagated? Thanks for chipping in :slight_smile: