APIs & Integrations

PPłonka
Participant

Oauth2 and single redirect url

SOLVE

Hello,

 

Is there already a possibility to use many redirect urls for oauth2?

 

If not, is there any workaround for multi tenant app?

 

best regards

0 Upvotes
1 Accepted solution
himanshurauthan
Solution
Thought Leader | Elite Partner
Thought Leader | Elite Partner

Oauth2 and single redirect url

SOLVE

Hello @PPłonka,

 

You can use different Redirect_url while connecting the store with the HubSpot portal. Also, you can leave Redirect_url empty in your app, and at the time of authentication, you can send different URLs.

 

Refer to the doc on how can you use redirect_urls while authentication.

 

Regards,

Digital Marketing & Inbound Expert In Growth Hacking Technology

View solution in original post

4 Replies 4
himanshurauthan
Solution
Thought Leader | Elite Partner
Thought Leader | Elite Partner

Oauth2 and single redirect url

SOLVE

Hello @PPłonka,

 

You can use different Redirect_url while connecting the store with the HubSpot portal. Also, you can leave Redirect_url empty in your app, and at the time of authentication, you can send different URLs.

 

Refer to the doc on how can you use redirect_urls while authentication.

 

Regards,

Digital Marketing & Inbound Expert In Growth Hacking Technology
RRichard
Participant

Oauth2 and single redirect url

SOLVE

Hi,

leaving a empty rediriect_urls causes security incidents. If you have not restricted the callback URL for the OAuth application, that will allow the attacker to redirect the auth code to the attacker-controlled URL.

We have active incident in bugcrowd and we don't know how to fix this 😕

Maybe some wildcards in redirect_url will be avialable in the future?

 

Regrads

0 Upvotes
PPłonka
Participant

Oauth2 and single redirect url

SOLVE

@dennisedson sure, thanks for answer!

Oauth2 here allows only one redirect_url. But when i have multi tenant app i need many redirect urls because every tenant has different domain. 

 

So the question is: Is it possible to handle many redirect_url's and if not - is there any work around to allow many tenants to authorize themselfs with my hubspot app.

0 Upvotes
dennisedson
HubSpot Product Team
HubSpot Product Team

Oauth2 and single redirect url

SOLVE

@PPłonka 

Could you add some more details to the question?

@himanshurauthan might be able to assist 😉