3

I am using the new Box.com Android library v2 hosted on Github by Box to develop an Android app which allows managing Box.com files. I stuck at exchanging the authToken for an accessToken.

When I don't specify a redirect_Uri I will get a "redirect_Uri_missmatch" error right after I allowed the app to access my box files.

However, when I specify a redirect_Uri the authToken will be send to the URL which I specified in as redirect_Uri. I tried to use localhost, my own website and oob as redirect_Uri but nothing seems to work. The authToken is send to the url but is not detected by the library which than throws an Exception.

So the question I have - what redirect_Uri do I have to specify?

Basic Coder
  • 10,882
  • 6
  • 42
  • 75

1 Answers1

-1

You can use localhost only if your application is in development (not-published the app marketplace).

If you are building a mobile app, several people have posted about how to register for a URI for your application on the iOS or Android device. Something along these lines explains your options: http://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified

You should register on the Box developer pages what redirect-uri your app uses, and then you need to pass that same URI in with your authentication requests.

Peter
  • 2,551
  • 1
  • 14
  • 20
  • After hours of debugging I figured out that the request to exchange the retrieved code for an accessToken fails with 400 Bad Request: {"error":"invalid_client","error_description":"The client credentials are invalid"}. The whole POST request seems to be correct but everytime I get this error returned. I tried to send this request manually and no matter what clientId and clientSecret I am using, I will always get a 400 Bad request. What am I doing wrong? I am using the official v2 Android SDK. ClientId and ClientSecret are set correctly and in the POST request body they are also correct... HELP – Basic Coder Nov 13 '13 at 19:59
  • @Platform Boxer Same problem here. The sample code implies a redirect_uri is NOT required and a method is provided as such however this is not the case as a `redirect_uri mismatch` error is shown on launching the intent. After setting a custom uri on the API page and the Android SDK, all appears fine however after choosing 'allow' the activity just shows white and the login process stalls. As it stands the documentation is incomplete and incorrect. – amcc Dec 10 '13 at 11:27
  • @amcc I tried everything. I ended up writing my own library for Box on Android. It's not that just the authorization process seems to be bugged a little bit but there are also many issues with restoring the API token and refreshing the tokens. I loved the previous API but v2 is pretty bad. #imho – Basic Coder Dec 13 '13 at 14:44