3. Record the code that comes back
We will redirect him/her to your redirect_uri with a code parameter in its query string, so a request will come through like this:
GET http://www.myapp.com/oauth_callback?code=...
There is a minor problem/inconvenience with that process. When client clicked on the authorization url and you redirected a request to the application callback with the code, there is no information who authorized that.
This is probably OK for entirely manual registration, however it would be really helpful to attach a client slag '{slug}.nationbuilder.com' which I generated the Authorization request for:
GET http://www.myapp.com/oauth_callback?code=...&client={slug}.nationbuilder.com
Do you like this suggestion?
Showing 2 reactions
Sign in with