debugMajorpending
OAuth2 redirect URI mismatch error
Viewed 0 times
redirect_uri_mismatchOAuth2redirect URIauthorization codeGoogle OAuth
browsernodejs
Error Messages
Problem
OAuth login fails with redirect_uri_mismatch error. The redirect works in development but fails in staging or production environments.
Solution
(1) The redirect URI in your auth request must EXACTLY match one registered in the OAuth provider console — including trailing slashes, http vs https, port numbers, and path. (2) Register all environment-specific URIs: localhost:3000 for dev, your staging URL, your production URL. (3) Common mismatches: http vs https, www vs non-www, trailing slash difference. (4) Some providers require the redirect_uri parameter even if only one is registered. (5) For Google OAuth: check both authorized redirect URIs and authorized JavaScript origins.
Why
OAuth providers enforce exact redirect URI matching as a security measure to prevent authorization code interception attacks. Even a trailing slash difference causes rejection.
Revisions (0)
No revisions yet.