genetic-orange
genetic-orange5d ago

Using custom Client id and Client Secret. But what should the callback url be?

I need to whitelist the correct callback URL but what is the correct URL, I cannot find the docs
35 Replies
exotic-emerald
exotic-emerald5d ago
Hey @pinkponk, are you using triggers??
genetic-orange
genetic-orange5d ago
No not yet. I’m just setting things up to try this instead of my own auth flows for my saas app but i cant have composio logo on the consent screens. I want to use my own ”application” but when i need to tell for example google which callback url is safe for my application auth flow
exotic-emerald
exotic-emerald5d ago
You can add this
No description
exotic-emerald
exotic-emerald5d ago
Lemme know if it works for you 🙌
genetic-orange
genetic-orange4d ago
tried it on Google but just get Access blocked: This app’s request is invalid Error 400: redirect_uri_mismatch Don't know if I have done something wrong. I didn't spend too much time on this. I tried adding composio.dev as an authorized domain. But is the idea of composio that this should be possible. I mean for SAAS developers to handle their users and for me to be able to use my own client_id etc just as long as I add the Authorised redirect urls?
exotic-emerald
exotic-emerald4d ago
Can't get your question. Other than that we provide integrations for that.
genetic-orange
genetic-orange4d ago
What I'm trying to do is to for instance add Google integration but use my own Client_id and client_secret, see image 1 I then try to add an account, image 2. But then I get from google, image 3. clicking error details says Error 400: redirect_uri_mismatch Request details: flowName=GeneralOAuthFlow I tried adding composio.dev as a trusted domain for my application in cloud console on google as I thought I needed to tell google to trust composio.dev when it redirects which is why I asked my original question. I tried adding it but still the same error., see image 4. So my new question is, where are the docs for this? and should this be possible? I mean I want my logo to be shown on the consent screen and not composio.
No description
No description
No description
No description
exotic-emerald
exotic-emerald4d ago
Have you added this in redirect URIs?? Rest I am confirming regarding your question Add the 3rd one and it will work
genetic-orange
genetic-orange4d ago
omfg so sorry, I had added this to the wrong application which had the same name... and which weren't a "web application" but a "desktop application" . It now "works" but it still says composio.dev "to continue to composio.dev" see images So again why can't I get my own logo and name instead of composio?
No description
No description
ratty-blush
ratty-blush4d ago
hey - you will need to use your own oauth2.0 credentials to get your own own logo and name, which you can get from your google cloud console. Here's you can do it: https://support.google.com/cloud/answer/6158849?hl=en#zippy= Before creating the OAuth 2.0 credentials, you need to enable the Google Drive APIs and then select the relevant scopes while creating OAuth 2.0 credentials. However, your users will see "Not Verified" on this OAuth page as you need to get your OAuth 2.0 app verified and might need to go through the CASA Tier 2 assessment for restricted scopes.
Setting up OAuth 2.0 - Google Cloud Platform Console Help
To use OAuth 2.0 in your application, you need an OAuth 2.0 client ID, which your application uses when requesting an OAuth 2.0 access token. To create an OAuth 2.0 client
genetic-orange
genetic-orange4d ago
Yes I'm using my own cliend_id and client_secret but I still don't get my own logo. When running my own setup I do get my own logo but when I try use the same client_id with composio is just says composio.dev. I can see in the url that composio redirects with the same client_id I use for my other setup which has my logo.
ratty-blush
ratty-blush4d ago
This is weird. Can you confirm if you setup Client Id and Secret when creating the integration as shown in the attached video?
genetic-orange
genetic-orange4d ago
I confirm that I did what you did in the video and here are some screenshots showing that I indeed use my own client_id. I removed the cliend_secret for obvs reasons
No description
No description
No description
No description
No description
No description
genetic-orange
genetic-orange4d ago
All I know is that when I run this with my own auth tools I get the correct consent screen with my logo
ratty-blush
ratty-blush4d ago
Yup - Everything is perfect. Let me try this on my end. I just verified this - this is working perfectly - do you want to get on a quick call to sort this out right now?