"prompt=consent" added to oauth redirect

rschil95 · 2024-11-21T03:29:08.330Z

Hey guys - wondering if anyone has had this issue before and possible fixes (or error on my end).

I am using OAuth2 User-Agent Flow to authenticate with Nylas. From the documentation I set the login redirect to “https://api.us.nylas.com/v3/connect/auth”. After configuring a button for social log in I keep getting a error related to a parameter that is getting added to the url - “prompt=consent”. Nylas returns the error - Sorry, there was an error with “prompt” URL parameter. 400/703: Unsupported value ‘consent’ for ‘prompt’.

If I remove prompt=consent from the url manually, everything works as it should and I am able to be redirect and authenticate.

Any ideas?

oauth error1431×869 39.3 KB

Connector959×756 66.9 KB

Baloshi69 · 2024-11-21T03:58:17.563Z

@rschil95 hey, i suggest build the calls for Auth2 your self, dont rely on API connect OAuth2 user-agent flow. user-agent flow ask alot of things not necessary.

this way you will have more granualr control on the flow. its very easy.

Create the auth URL and send user to that URL like below:

image889×278 20.2 KB

this url also need a return url, which send your user back with a code, create a empty page on which you redirect your user.
Once your user get redirected to that page. it will have a parameter with code: key you need this key to generate a API token which you can use on other calls.

image1130×228 17.8 KB
For that you need to build another api call , which you can trigger here once user is redirected to this page , to exchane the code with a API token.

image386×382 14.2 KB
this call with return you an acces token. which you can use in you api calls for other end point.

image475×243 9.62 KB
That set, save the access_token securly and use it.

Most Auth support anther parameter as STATE whcih is an optional value you can ask the auth provider to send. this way you can use different auth provider in same page to run different exhance call if you are redirecting multiple auth provider in same page. i do this a lot. i.e ( ask fb to send in state facebook , and google to send google. this way once page is loaded i know which exchange call i need to call.

rschil95 · 2024-11-21T04:08:09.802Z

Thanks for the tips! Just was playing around and figured out the issue I’m getting is only when access_type=offline is checked.

Baloshi69 · 2024-11-21T04:20:34.708Z

yah, The api connect agent flow is really weird some time, like if you are using it with google singup, and the user is already in you app. it will always through an error. rather then just login the if user si already in our db.

i always build the auth my self, never use agent flow. as it give me more granular control , my mentor suggested me.

rschil95 · 2024-11-21T04:25:01.960Z

Looks like I figured it out. For those that find this in the future here’s what I found. While I wanted to add “access_type=offline” so that Nylas (api provider for this example) return a refresh token it was adding prompt=consent to the url as well (I believe Nylas triggers this addition). The fix for me was unchecking the “Add access_type=offline” and simply adding the parameter directly to the login redirect.

Screenshot 2024-11-20 232422895×311 33.5 KB