invalid_request: The `redirect_uri` parameter does not match a valid url for the application.

I’m using passport-asana to pass a few credentials to an OAuth server (on asana.com).

I get to the scope grant page, and log into the service.

But during the callback step I see this in the browser window:

/*
invalid_request: The `redirect_uri` parameter does not match a valid url for the application.
*/

Here is how I’m passing OAuth credentials, and also the route handlers for the initial and callback OAuth steps:

const callbackURL: string = `${process.env.DOMAIN}/oauth/callback`;

const asanaStrategy = new AsanaStrategy({
  clientID: process.env.ASANA_CLIENT_ID,
  clientSecret: process.env.ASANA_CLIENT_SECRET,
  callbackURL,
}, (asanaAccessToken: any, asanaRefreshToken: any, asanaProfile: any, doneCallback: Function) => {
  findAndPassUserToSerializer(asanaProfile.id, doneCallback);
});

passport.use(asanaStrategy);


// router file, exporting passport object above
router.get(
  '/oauth',
  passportWithAsanaStrategy.authenticate('Asana'),
  (req: Request, res: Response) => { /* IGNORED */ },
);

router.get(
  '/oauth/callback',
  passportWithAsanaStrategy.authenticate('Asana', { failureRedirect: '/login' },
    (req: Request, res: Response) => {
    // Successful authentication, redirect home.
      res.redirect('/');
    }),
);

Also tried

Encoding the first line with encodeURI:

const callbackURL: string = encodeURI(`${process.env.DOMAIN}/oauth/callback`);

The error is the same.

Any other ideas on how to fix this?

Hi @Sean_DeSilva and welcome to the forum,

I’m not familiar specifically with passport-asana but have you insured that the callback URL you’re using is specified as a Redirect URL in the Asana developers console for an app you’ve created there?

Also it has to be HTTPS or localhost I believe

Thank you Phil and Bastien for making me aware of the whitelist and https requirements, I need to do both!