First time here? Check out the FAQ!
Ask Your Question
1

What is the callback url when setting up OAuth applications eg. Twitter?
 
   
  
 
 
This is required when installing keys to connect the external services.  Sites such as twitter ask for the callback url.
 
 
To enter a block of code:
 
     
  • enter empty line after your previous text
    •  
  • paste or type the code
    •  
  • select the code and press the  button above
    •  
 
Preview: (hide)
  
 
 
 
 
 
 Evgeny's avatar

      13.2k
    
 
 
 
 Evgeny 
 
 
    updated 14 years ago 
 
 
 
 
 Rupreck's avatar

      305
    
 
 
 
 Rupreck 
 
 
    asked 14 years ago 
 
 
 
 
        
 
 
 
Comments
 
 
 
 
  
 
 

        The settings page has the linkedin 'create app' url wrong (a typo from the twitter one above).  The link needed is: https://www.linkedin.com/secure/developer 
 
 Rupreck's avatar Rupreck (14 years ago)   
 
 
  
 
 
  
 
 

        Edited your post - Twitter (as well as facebook and linkedin) uses OAuth, protocol, not OpenID .
      
 
 Evgeny's avatar Evgeny (14 years ago)   
 
 
  
 
 
  
 
 

        I knew that but it seems my fingers didn't... thanks.
      
 
 Rupreck's avatar Rupreck (14 years ago)   
 
 
  
 
  see more comments  
 
 
 
 
 
 1 Answer
  
  
   
 
 
 
 
1
 
 
  
 
 
 
 
 
 
Hi Rupreck, for the "Registered callback URL" in Twitter, please just type URL of your site (better to the /questions page - to avoid a redirect). The meaning of that setting - is where the login provider must redirect after authentication is complete.
 
The URL you've mentioned "complete-oauth" is internal - no need to use it for the registrations. It is used for the protocol communication internally.
 
 
To enter a block of code:
 
     
  • enter empty line after your previous text
    •  
  • paste or type the code
    •  
  • select the code and press the  button above
    •  
 
Preview: (hide)
  
 
 
 
 
 
 Evgeny's avatar

      13.2k
    
 
 
 
 Evgeny 
 
 
    updated 14 years ago,
        
    answered 14 years ago 
 
 
 
 
     link   
 
 
 
Comments
 
 
 
 
  
 
 

        Facebook has a Deauthorise Callback.  What should this be?  Is it supported?
      
 
 Rupreck's avatar Rupreck (14 years ago)   
 
 
  
 
 
  
 
 

        If I understand correctly - you can enter any url you want. That is supposedly the page you want to show the user when he/she removes access to your site through the OAuth provider. All the OAuth client does in askbot at this point - lets the user log in. Also it is possible to log in via multiple methods to the same account at the same time, take a look at "manage login methods" link in your profile.
      
 
 Evgeny's avatar Evgeny (14 years ago)   
 
 
  
 
 
  
 
 

        I suspect such a facility would allow the user to instruct the authentication provider (facebook) to effectively withdraw the granted token from all service providers (using SSO/SAML thinking). i.e. the user hypothetically could go to their authentication provider and in one click log themselves out of everywhere.  eg. if they felt they had been compromised or in the case of facebook if the user removes the app.  So this would have to point to a page that would log the user out of askbot immediately.
      
 
 Rupreck's avatar Rupreck (14 years ago)   
 
 
  
 
 
  
 
 

        Actually the explanation is here: http://developers.facebook.com/docs/authentication/ about two thirds of the way down the page.
      
 
 Rupreck's avatar Rupreck (14 years ago)   
 
 
  
 
  see more comments