1

We have a CMS that powers over 2000 school websites. The admin sites for each of those websites are all under the same root domain, e.g. *.myadmin.com. We are working on integrating OneDrive File Picker on multiple pages in all of those admin sites.

We have an issue with the Redirect URLs in the API Settings. We tried to set the Root domain field to myadmin.com by setting Redirect URLs: to https://myadmin.com. In JavaScript, we initialize the File Picker like this:

WL.init({
    client_id: window.OneDrive.clientId,
    redirect_uri: ''
});
WL.fileDialog({
    mode: "open",
    select: "single"
});

That results in a popup window saying:

We're unable to complete your request. Microsoft account is experiencing technical problems. Please try again later.

In the address bar of the popup window, there's a further error description(url decoded):

error_description=The provided value for the input parameter 'redirect_uri' is not valid. The expected value is 'https://login.live.com/oauth20_desktop.srf' or a URL which matches the redirect URI registered for this client application.

Putting a specific url, like https://subdomain.myadmin.com/homepage, in the API Setting would make the Picker work on that specific page, but not on other pages. Looks like it's looking for an exact match. Obviously it's not practical for us to create a separate app for each page that uses OneDrive.

The problem can be solved by disabling Enhanced redirection security on the API Settings page. That option existed a few weeks ago when we created an app for development, but was marked as deprecated. Today when we created a new app for production, it wasn't there anymore, which I think is now enabled for all new apps.

We had a similar issue with Dropbox Drop-ins Chooser, but we were able to solve the problem by setting myadmin.com as the domain of the app.

Is there any work around for this problem?

Thanks for your help and suggestions.

Dachao Li
  • 13
  • 3
  • Could you have this solved by having a tenant database which would store the redirect url by account? – Alexandre Santos Jun 25 '14 at 04:46
  • @AlexandreSantos Can you explain in more detail? I don't quite understand. Do you mean storing all possible redirect urls in database? Thanks. – Dachao Li Jun 25 '14 at 18:45
  • Added this request to make this available for dynamically created domains: http://onedrive.uservoice.com/forums/262982-onedrive/suggestions/7815039-add-support-multiple-domains-in-redirect-uri-witho If you are interested in this feature, please join my request. – CoderStix May 04 '15 at 18:46

3 Answers3

2

The only way I could get this to work was

  1. Make sure the exact single web page on a single domain is configured and working for one drive (the url running OneDrive needs to be correctly configured in Microsoft account Developer Center
  2. Then use this page inside an iframe (even if it is a completely different domain)
  3. then use postMessage to pass the data back to the parent iframe to utilise

a working copy (link may be removed at any time ) Testing OneDrive in an iframe

Other pertinent urls

  1. browser support for postMessage
  2. Browser support for postMessage on stackoverflow
  3. postMessage documentation

Some example usage of postMessage

  1. example usage of postMessage
  2. another example of use of postMessage
Community
  • 1
  • 1
Nick van Esch
  • 1,017
  • 9
  • 8
  • Thanks for the suggestion; I have implemented the same pattern for Google Drive and am attempting to do the same for One Drive. Unfortunately I am having an error occur (see [my question](http://stackoverflow.com/questions/39280709/why-does-onedrive-js-picker-sometimes-have-null-opener) - have you seen that or do you have any ideas about how to resolve that error? – Sᴀᴍ Onᴇᴌᴀ Sep 12 '16 at 19:13
-1

You can add multiple Redirect URLs as long as all of them are in the same subdomain. Each redirection URL needs to be specified explicitly:

Redirect URLs screenshot

ginach
  • 454
  • 2
  • 6
  • Note, there is currently a bug with the page preventing this from working properly: http://social.msdn.microsoft.com/Forums/en-US/54e76092-0e87-4dd8-b8f5-9c15df2d4c18/only-one-redirect-url-allowed-per-application?forum=messengerconnect. Once it's fixed the above should address your scenario. – ginach Jun 26 '14 at 19:15
  • Thanks! Does that mean we still have to explicitly put in the urls for each subdomain? And we have another case where we have resource id in the url, like `https://subdomain.myadmin.com/homework/12345/edit`, which makes it impossible for us to explicitly specify every url. I wonder if there's a solution for our need. Thanks again. – Dachao Li Jun 26 '14 at 20:01
  • Yes, you have to explicitly enter each URL that you will be redirecting back to which would include every subdomain. – ginach Jun 26 '14 at 23:40
  • This still doesn't solve our problem. But I guess that's what it currently is. We're able to integrate Dropbox and Google Drive fairly easy. Dropbox only needs to specify the root domain; Google Drive needs more work, but its File Picker UI can be initialized with an access token. I look forward to future updates in OneDrive that make it easier to integrate. – Dachao Li Jun 30 '14 at 19:41
  • One option would be to have a redirect URL/page that then uses the OAuth state parameter to do the further processing. I believe the current implementation is meant to enhance security, but it makes things difficult in cases like this. – ginach Jul 01 '14 at 21:10
  • With that approach, we get the access token at somewhere else in our system, and somehow send it back to the page. Are we still able to use the File Picker UI with the access token? – Dachao Li Jul 01 '14 at 21:38
-1

The bug with the Microsoft developer console mention is resolved if you put the root domain you want first, then the 2 sub domains.

Add 3 entires: 1. domain.com 2. sub1.domain.com 3. sub2.domain.com

user3603467
  • 23
  • 1
  • 4