Swift - (Strava API) Bad Request, Redirect URI Invalid

Question

I am prompting the user to connect to Strava, and when I open the URL, I am given a page with JSON telling me that it was a bad request, and that my redirect uri was invalid.

{ "message":"Bad Request",
    "errors":[{
        "resource":"Application",
        "field":"redirect_uri",
        "code":"invalid"
    }]
}

When I do the following,

https://www.strava.com/oauth/authorize?client_id={{clientId}}&redirect_uri=google.com&response_type=code&scope=read_all,activity:read_all,profile:read_all

I get this error. So I know something is up when trying this on the iOS Simulator. When I do it in Postman, it seems to work just fine.

Here's the request I am putting into my Xcode project in Swift

let url: String = "https://www.strava.com/oauth/mobile/authorize?client_id=97936&redirect_uri=google.com%3A%2F%2F\(Keys.fallbackUrl)&response_type=code&approval_prompt=auto&scope=read"
guard let authenticationUrl = URL(string: url) else { return }
        
authSession = ASWebAuthenticationSession(url: authenticationUrl, callbackURLScheme: "google.com") { url, error in
    if let error = error {
        print("error: \(error.localizedDescription)")
    } else {
        if let url = url {
            print(url)
        }
    }
}
        
authSession?.presentationContextProvider = self
authSession?.start()

I also managed to make a working universal link so when one types this link into Safari when already having the downloaded app, it takes directly to the app. So eventually, I will replace it with my URL: kette.netlify.app

Some things I have tried:

• Using https:// in front of the callback uri and redirect uri. The iOS Simulator crashes.
• Using other URLS aside from my kette.netlify.app one.
• trying Deep Linking AND Universal Links.

Any help would be greatly appreciated! Thanks so much

Answer 1

There is a procedure to have a redirect uri i.e. Strava only supports the authorized redirect. So, we have to set a domain for the callback and then we can just continue without having Invalid redirect_uri error.

You can set the domain from:

Strava > Settings > My API Application > Edit > Authorization Callback Domain > Save

There you have to set google.com it will not accept the scope like https, http, etc.

NOTE: Keep in mind to change the domain when you are done testing and in live production.

For your response you can check strava docs where it is mentioned.

URL to which the user will be redirected after authentication. Must be within the callback domain specified by the application. localhost and 127.0.0.1 are white-listed.