Share your ideas with us
Make sure to check out our terms of use and how to submit and vote for products ideas
When testing our app, sometimes we'll use a redirect URI that appends a canary branch. For example, if we have the redirect URI https://ourservice we may have a test branch URI of https://ourservice/branch/bugfix-1 or https://ourservice/branch/bugfix-2. Instead of having to go into the console and specify each redirect URI, it'd be nice to have a wildcard, for instance https://ourservice/branch/*.
We recognize the utility of this feature, however, IETF specifically recommends against this approach
For example OAuth 2.1 (still in draft says (https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-04#section-2.3.2):
And https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics-18#section-2.1
I really like the idea, btw.
I'd add a branch name variable, site location/IP identifier within your code as a tag to automatically load the proper console. (If name=Houston, then load /houston-branch/*.)
Good idea. What if this change happened within your code by adding a drop down to choose between the wildcards?