none
login.live.com/oauth20_authorize.srf saying it wants response_type of 'code' RRS feed

  • Question

  • I have downloaded the example OneDrive file explorer from https://github.com/OneDrive/onedrive-explorer-js. Their online demo works fine. Locally I then updated the client ID and redirect_uri values. The later is www.foobar.com with an entry in hosts mapping that to 127.0.0.1 where my local Apache is running over SSL. The log on URL is

    https://login.live.com/oauth20_authorize.srf?client_id=xxx&scope=onedrive.readonly%20wl.signin&response_type=token&redirect_uri=https%3A%2F%2Fwww.foobar.com%2Fadmin%2Fcallback.html

    but the presented dialog contains

    https://www.foobar.com/admin/callback.html#error=unsupported_response_type&error_description=The+provided+value+for+the+input+parameter+%27response_type%27+is+not+allowed+for+this+client.+Expected+value+is+%27code%27.

    Why the different behavior?

    Saturday, October 29, 2016 4:17 AM

All replies

  • Because one is abuse, phishing trying to get into a system  you're not meant to get in to, and the other is legitimate and hopefully they found their answer :)
    Sunday, December 1, 2019 1:08 PM