OAuth Error - Invalid callback URL 400

API Discussion
Hey folks,

So I've been working on a node.js web app for a few days and everything has worked as intended when running my server on localhost. I'm able to login to my battlenet account using OAuth and everything.

I then hosted my app to heroku and added a new redirect URI, while keeping the localhost URI as well. However, whenever I try to login to battlenet through my heroku hosted app, I get an OAuth error saying my callback URL is incorrect.

It's not incorrect. I've checked it multiple times, the URL is exactly what it needs to be. The dev portal says that it can take up to 10min for changes to take affect, but at this point it's been about 16 hours and it still doesn't work.


I've managed to fix the redirect issue. However, now I'm getting an internal server error (500).

If I check the heroku logs this is the error that it throws me:
2019-03-15T19:16:54.439655+00:00 heroku[router]: at=info method=GET path="/auth/bnet/redirect?code=USDJZWT79P7UV2DQQFWXI4G2P5DS6N1UZ3" host=infinite-thicket-25883.herokuapp.com request_id=80543614-c55f-4c30-902b-2c6880bc3254 fwd="" dyno=web.1 connect=1ms service=333ms status=500 bytes=404 protocol=https
2019-03-15T15:57:09.140119+00:00 app[web.1]: TokenError: Bad client credentials
2019-03-15T15:57:09.140137+00:00 app[web.1]: at Strategy.OAuth2Strategy.parseErrorResponse (/app/node_modules/passport-oauth2/lib/strategy.js:329:12)
2019-03-15T15:57:09.140139+00:00 app[web.1]: at Strategy.OAuth2Strategy._createOAuthError (/app/node_modules/passport-oauth2/lib/strategy.js:376:16)
2019-03-15T15:57:09.140141+00:00 app[web.1]: at /app/node_modules/passport-oauth2/lib/strategy.js:166:45
2019-03-15T15:57:09.140143+00:00 app[web.1]: at /app/node_modules/oauth/lib/oauth2.js:191:18
2019-03-15T15:57:09.140145+00:00 app[web.1]: at passBackControl (/app/node_modules/oauth/lib/oauth2.js:132:9)
2019-03-15T15:57:09.140147+00:00 app[web.1]: at IncomingMessage.<anonymous> (/app/node_modules/oauth/lib/oauth2.js:157:7)
2019-03-15T15:57:09.140149+00:00 app[web.1]: at IncomingMessage.emit (events.js:194:15)
2019-03-15T15:57:09.140150+00:00 app[web.1]: at endReadableNT (_stream_readable.js:1125:12)
2019-03-15T15:57:09.140152+00:00 app[web.1]: at process._tickCallback (internal/process/next_tick.js:63:19)

What I don't understand is how this works perfectly fine when running on localhost, but somehow when the app is on heroku there is a bad token.

Join the Conversation

Return to Forum