#[Solved ✅] Using custom Client id and Client Secret. But what should the callback url be?

I need to whitelist the correct callback URL but what is the correct URL, I cannot find the docs

Hey @glossy raptor, are you using triggers??

No not yet. I’m just setting things up to try this instead of my own auth flows for my saas app but i cant have composio logo on the consent screens. I want to use my own ”application” but when i need to tell for example google which callback url is safe for my application auth flow

You can add this

Lemme know if it works for you 🙌

tried it on Google but just get
Access blocked: This app’s request is invalid
Error 400: redirect_uri_mismatch

Don't know if I have done something wrong. I didn't spend too much time on this. I tried adding composio.dev as an authorized domain.

But is the idea of composio that this should be possible. I mean for SAAS developers to handle their users and for me to be able to use my own client_id etc just as long as I add the Authorised redirect urls?

Can't get your question. Other than that we provide integrations for that.

What I'm trying to do is to for instance add Google integration but use my own Client_id and client_secret, see image 1

I then try to add an account, image 2.

But then I get from google, image 3. clicking error details says Error 400: redirect_uri_mismatch Request details: flowName=GeneralOAuthFlow

I tried adding composio.dev as a trusted domain for my application in cloud console on google as I thought I needed to tell google to trust composio.dev when it redirects which is why I asked my original question. I tried adding it but still the same error., see image 4.

So my new question is, where are the docs for this? and should this be possible? I mean I want my logo to be shown on the consent screen and not composio.

Have you added this in redirect URIs??

Rest I am confirming regarding your question

Add the 3rd one and it will work

omfg so sorry, I had added this to the wrong application which had the same name... and which weren't a "web application" but a "desktop application" .

It now "works" but it still says composio.dev "to continue to composio.dev" see images

So again why can't I get my own logo and name instead of composio?

hey - you will need to use your own oauth2.0 credentials to get your own own logo and name, which you can get from your google cloud console.

Here's you can do it: https://support.google.com/cloud/answer/6158849?hl=en#zippy=

Before creating the OAuth 2.0 credentials, you need to enable the Google Drive APIs and then select the relevant scopes while creating OAuth 2.0 credentials.

However, your users will see "Not Verified" on this OAuth page as you need to get your OAuth 2.0 app verified and might need to go through the CASA Tier 2 assessment for restricted scopes.

Yes I'm using my own cliend_id and client_secret but I still don't get my own logo. When running my own setup I do get my own logo but when I try use the same client_id with composio is just says composio.dev. I can see in the url that composio redirects with the same client_id I use for my other setup which has my logo.

This is weird. Can you confirm if you setup Client Id and Secret when creating the integration as shown in the attached video?

I confirm that I did what you did in the video and here are some screenshots showing that I indeed use my own client_id. I removed the cliend_secret for obvs reasons

All I know is that when I run this with my own auth tools I get the correct consent screen with my logo

Yup - Everything is perfect. Let me try this on my end.

I just verified this - this is working perfectly - do you want to get on a quick call to sort this out right now?

saw this a bit late. had to leave. I'd be happy to jump on a call but I guess I don't know when you are available.

Good to know that it should work and that it works for you. Maybe there is some cache of some sort making this not work out.

btw what do you see when going to this link:
https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?client_id=983117019209-781tqekgd9d2d95p1jju74v3jqe61iaa.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fbackend.composio.dev%2Fapi%2Fv1%2Fauth-apps%2Fadd&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.file https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&response_type=code&access_type=offline&prompt=consent&state=production_eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb25uZWN0aW9uSWQiOiI2NjhlNmUwYy04MWI3LTQ1ODgtOTRlZC1hZjQ1Y2NlOWY5MjkiLCJpbnRlZ3JhdGlvbklkIjoiYzEyMjUwMGUtMGI2Yi00ZjE4LWE3YzEtY2JjYWNhNTBhMzllIiwiYXBwTmFtZSI6Imdvb2dsZWRyaXZlIiwiY2xpZW50SW5mbyI6eyJjbGllbnRJZCI6IjE2NzYyNDI5LWQ1NWUtNGIyNC05MjcxLWYxNDgxODhlMzk3MCJ9LCJpYXQiOjE3MjY1NjEzMDZ9.r2MCCZzc7FibOhLilxOFT0l1sutdHyBxfcZPrjFVwhg&code_challenge=HQ557LOaXtFaYsXQT9TE2LAJdGZG1T-r2Oqah5xHHCs&code_challenge_method=S256&service=lso&o2v=2&ddm=0&flowName=GeneralOAuthFlow

Do you see composio.dev or vorker.ai? You probably won't see this in time and so the flow will time out but give me a ping so I can send you a new link

I still see composio.dev - can you confirm if this is your client id: 983117019209-781tqekgd9d2d95p1jju74v3jqe61iaa.apps.googleusercontent.com ?

from google> so yes it is the same

i am on #debug-help voice channel - let's chat?

sure!

hey @glossy raptor - can you check your OAuth Consent Screen configuration?

yeah what should I check for

Looks like this for ex

App Information

looks good.

did you enable the Google Drive API and if yes, can you confirm you have selected the below scope?

I have run this client_id on my own servers and it looks good, gets me access etc

oh okay - can you check the scope that you setup in the Integration settings on Composio dashboard?

"https://www.googleapis.com/auth/drive.file,https://www.googleapis.com/auth/userinfo.email"

I mean I didn't modify the scopes on composio. Just added the google drive tool

got it. can you share your email that is associated with your composio account?

send it in a DM

got it.

I am having this same issue - everything is configured correctly on my Composio dashboard (trying to connect Gmail to custom OAuth app in order to surface my custom branding), and I used my own Google OAuth client ID and secret at time of integration creation, yet I'm still seeing Composio branding language on the OAuth consent screen. Was there ever a resolution to this issue that you found @formal cosmos @glossy raptor ? Sorry to resurrect the old thread here, thanks in advance for the help.

Google only allows for one app logo per callback URL. Very google specific check.
So the only way to go about it is a bit tedious - You have to setup a proxy at your domain and receive the callback and forward it to our callback URL https://backend.composio.dev/api/v1/auth-apps/add.
You need to set your callback URL while passing client id and secret in Composio app in the Redirect URI field.

@proven bane ahhh, that makes sense. really appreciate the follow-up, thank you!

[Solved ✅] Using custom Client id and Client Secret. But what should the callback url be?