OAuth2.0 Authorization URL returns "403 Forbidden"

Answered

New post

April 29, 2023 15:46

When accessing an Authorization URL with IP address in redirect_uri, "403 Forbidden" is displayed.
If an Authorization URL with domain in redirect_uri, It works normally.

Is this a specification change? Or is it a fault?

[Example]
https://account.box.com/api/oauth2/authorize?client_id=CLIENTID&response_type=code&redirect_uri=https://example.com/
->It work.

https://account.box.com/api/oauth2/authorize?client_id=CLIENTID&response_type=code&redirect_uri=https://1.2.3.4/
->403 Forbidden

Comments

7 comments

mosesdayanand

April 30, 2023 13:06
The above 403 error is also found in Splunk add-on for Box
0

Comment actions Permalink
Rona

May 01, 2023 22:48
Hi there,

Welcome to Box Community and glad to help!

Looks like you're now working with our Product Support team. Please keep an eye to your email as our team will get in touch to help address your concern.

Thanks for posting!
0

Comment actions Permalink
syno cloudsync

May 02, 2023 02:43
Hi Rona,

We have received your message from our mailbox, and we are looking forward to the new updates on this issue.

Thank you for the reply :)
0

Comment actions Permalink
柴田浩士朗

May 02, 2023 04:18
Hi Rona!

As you are aware, I am in communication with the technical support team right now.(Case ID: #2847125)
If I make any progress, I will post it here.

Best Regards.
0

Comment actions Permalink
柴田浩士朗

May 03, 2023 03:53
I received a response from technical support team.

It appears this is a known issue to their engineering team, and currently investigating.
0

Comment actions Permalink
syno cloudsync

May 03, 2023 05:16
We are also looking forward the investigation progress.

Thank you for the update!
0

Comment actions Permalink
柴田浩士朗

June 29, 2023 09:53
Hi there.

It took quite a while, but this problem seems to have been resolved.
My application now works fine.
0

Comment actions Permalink

Please sign in to leave a comment.