just playing around with the REST API. There is more than one way to get a token but I wanted to get the use case working where a user is frist directed to mydevices.com for authentication, mydevices.com responds with an access token which is then exchanged into an authorization token.
The docs state
Success behavior: After successfully authenticating and accepting the requested scope, the user will be redirected back to the redirect_uri provided by the prior step.`
All good 'cause the redirect_uri that is being redirected to is supposed to contain the access_token.
However even if the requested redirect_uri is something like “https://localhost:8080/test/test2”, the resulting redirect goes to e.g.
Notice the “#” in the URI. That is a HTML anchor and browsers do NOT send everything behind it to the http server. That means my backend code never sees the returned access_token.
The resulting URI should be e.g.
Notice the “?” instead of the “#”.
The code on the mydevices side should either append its parameters with a “?” if the requested return_uri doesn’t contain any URL parameters itself or append its parameters with a “&” if there are already URL parameters in the return_uri.
I mean… am I missing something here?
Any pointers to where I’m doing it wrong are appreciated.