{
  "id": "api/oauth2-invalid-redirect-uri-mismatch",
  "signature": "OAuth2 error: redirect_uri_mismatch",
  "signature_zh": "OAuth2 错误：redirect_uri_mismatch",
  "regex": "redirect_uri_mismatch|invalid_request.*redirect_uri",
  "domain": "api",
  "category": "auth_error",
  "subcategory": null,
  "root_cause": "The redirect URI in the authorization request does not exactly match one registered in the OAuth client configuration.",
  "root_cause_type": "generic",
  "root_cause_zh": "授权请求中的重定向 URI 与 OAuth 客户端配置中注册的 URI 不完全匹配。",
  "versions": [
    {
      "version": "OAuth 2.0 RFC 6749",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    },
    {
      "version": "Google OAuth 2.0",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    },
    {
      "version": "Auth0 v3.0",
      "introduced": null,
      "deprecated": null,
      "removed": null,
      "behavior_change": null,
      "status": "active"
    }
  ],
  "os_specific": {},
  "dead_ends": [
    {
      "action": "",
      "why_fails": "The mismatch is often a missing trailing slash or different casing; adding a trailing slash may not fix the error if the registered URI lacks one, because the two values must match exactly.",
      "fail_rate": 0.5,
      "condition": "",
      "sources": []
    },
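    {
      "action": "",
      "why_fails": "Most OAuth providers do not allow wildcards in registered redirect URIs for security reasons: a wildcard would let the authorization response be delivered to a location the client owner never registered.",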
      "fail_rate": 0.9,
      "condition": "",
      "sources": []
    },
    {
      "action": "",
      "why_fails": "The error is deterministic; retrying without correcting the redirect URI will always fail.",
      "fail_rate": 1.0,
      "condition": "",
      "sources": []
    }
  ],
  "workarounds": [
    {
      "action": "Copy the exact redirect URI from the OAuth provider's client settings page and paste it into your application code.",
      "success_rate": 0.95,
      "how": "Copy the exact redirect URI from the OAuth provider's client settings page and paste it into your application code.",
      "condition": "",
      "sources": []
    },
    {
      "action": "Ensure the redirect URI does not have query parameters or fragments unless explicitly allowed.",
      "success_rate": 0.85,
      "how": "Ensure the redirect URI does not have query parameters or fragments unless explicitly allowed.",
      "condition": "",
      "sources": []
    }
  ],
  "workarounds_zh": [
    "Copy the exact redirect URI from the OAuth provider's client settings page and paste it into your application code.",
    "Ensure the redirect URI does not have query parameters or fragments unless explicitly allowed."
  ],
  "transition_graph": {
    "leads_to": [],
    "preceded_by": [],
    "frequently_confused_with": []
  },
  "official_doc_url": "https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2",
  "official_doc_section": null,
  "error_code": null,
  "verification_tier": "ai_generated",
  "confidence": 0.88,
  "fix_success_rate": 0.9,
  "resolvable": "true",
  "first_seen": "2023-06-15",
  "last_confirmed": "2024-06-01",
  "last_updated": "2024-06-01",
  "evidence_count": 1,
  "tags": [],
  "locale": "en",
  "aliases": []
}