OAuth what would the Redirect URL be

I need to consume a 3rd Party API. It uses OAuth for authentication. I am able with the InAppBrowser to send the user to the remote server to login, but what would I use as a redirect URL to get the user back to my Android App?

The best way to redirect the user back to your app is to close the InAppBrowser once you get your token:

    let browserRef = window.open(url, '_blank', 'location=no');
    browserRef.addEventListener("loadstart", (event: any) => {
      if ((event.url).indexOf('?token=') !== -1) {
        let token = event.url.slice(event.url.indexOf('?token=') + '?token='.length);
        // here is your token, now you can close the InAppBrowser

If your 3rd Party API requests a redirect URL, you can use: http://localhost:8100/
However, it will not achieve what your are trying to do, so you’re better off simply closing the InAppBrowser.

1 Like

Thank you. I gave this a try but the EventListener never fires.

Even if I run this code, the browser window does open but the console.log() is never fired.

Is the loadstart the correct event to attach to?

let browserRef = window.open(url, '_blank', 'location=no');
    browserRef.addEventListener("loadstart", (event: any) => {
        console.log("I am here");

It works fine with me. May I ask which API your are using?

Yep, binary.com

I open this url


The user is provide with a login form. When they click submit the window is redirected to


You are testing on device right?
And you have the latest plugin version? "cordova-plugin-inappbrowser": "^2.0.1"

No, I am testing on a PC with “ionic serve”

If you test on a device it would probably work.

I have now tested on a device and found the following.

It does work when I test it on a device with “ionic cordova run android --device”

but it does not work if I use “ionic cordova run android --device --livereload”

This is going to make development difficult if not impossible. Any ideas what the problem might be?

I’m not sure why, as I do not work directly on device during development.
What about the emulator? ionic cordova run android --livereload

if you’re using inAppBrowser, why are you referencing window?

From what little experience I have using inAppBrowser, it looks like you’re not using it at all and are instead just opening, accessing, and closing the global window object.

Unless I’m missing something, you’re just not using the plugin correctly. Here’s the link from the official docs

@jaydz I have also tried the inAppBrowser. I am having real problems with getting what I need done. Hopefully you can help me.

Here is my code

const browser =  this.inAppBrowser.create("https://oauth.binary.com/oauth2/authorize?app_id=xxxxx",'_self', 'location=yes');
    browser.on("loadstart").subscribe((event: InAppBrowserEvent)=> {
      this.currentURL = event.url;
      let url = event.url;

      this.liveToken = /token1=([^&]+)/.exec(url)[1];
      this.testToken = /token2=([^&]+)/.exec(url)[1];


When I initially open the url, the user is presented with a login page. If the users credentials are accepted, the page is forwarded to a specific URL which includes a parameter that contains the API Token.

The subscribe event is being fired on loadstart, but it seems it only fires on the initial pageload and not when the page is forwarded by the server after logging in. I think this is the case because the URL i get back is the URL I originally sent the user too, not the URL they were forwarded to by the server.

Sorry, but I just haven’t used InAppBrowser very much and don’t have the know-how to assist you on this one. I just wanted to make sure you weren’t under the impression you were using the plugin when you weren’t.

no probs, thanks anyway

did you get any response about how to do it?
I’m having the same issue. I need to connect via OAuth2 to an external Authorization Service and I don’t know how can I get the redirect_uri back to my app.
Any idea about the flow using Ionic 4?

use ionic://localhost for ios and http://localhost for android.
Also check CORS condition on your auth server.

Finally I resolved using a code similar to @simonjcarr and a Node backend for the callback and to store the “refresh_token” and then redirect again to the mobile app with just the “access_token”. When the inAppBrowser detects that the URL contains the “access_token” as parameter then get it, save it using ionic storage and close the inAppBrowser.

Hi @sosaosuna - this might be a long shot, but how did you do the redirect back to the app exactly? Currently, when we run our app on a device and via Chrome Dev Tools, it’s showing as running on file:///android_asset/www/index.html

How do you redirect back to this exactly?