Authorized return URLs
One of required inputs for your Google or Azure OAuth app registration is the authorized redirect or return URIs. Here is an example from a Google developer console:
For Aurinko to be able to initiate and complete your app's authorization flow an Aurinko hosted url has to be specified in your Google or Azure AD app registration. Office 365 / Azure AD users could simply use https://api.aurinko.io/v1/auth/callback but Google would not allow urls from unverified domains and you can't verify aurinko.io domain as you don't own it. Office 365 user may also want to use an url from domain they own as in certain scenarios that domain is shown in the app's consent window.
You have two options here:
- Contact us to help you configure a special DNS record in your domain, that points at the Aurinko server, i.e. aurinko.your-domain.com. After configuring your DNS you will be able to use https://aurinko.your-domain.com/v1/auth/callback
- Provision your own URL and make your server redirect all callback requests to Aurinko at https://api.aurinko.io/v1/auth/callback. It's important to clone all query parameters in a redirect, like code, state, error, ...
When choosing this approach you also need to tell Aurinko your own return URL, which is done on the app settings page, in the Google OAuth or Office 365 OAuth sections.