Exchange auth code for a token fails with 23andMe API

Question

The 23andme web site has an API and they give the following instructions:

Send a POST /token/ request with these parameters (client_id and client_secret are on your dashboard):

curl https://api.23andme.com/token/
     -d client_id=xxx \
     -d client_secret=yyy \
     -d grant_type=authorization_code \
     -d code=zzz \
     -d "redirect_uri=https://localhost:5000/receive_code/"
     -d "scope=basic%20rs3094315"

Here's my code:

require 'net/http'
require 'openssl'
require 'json'
def get_token
    uri = URI.parse("https://api.23andme.com/token")
    https = Net::HTTP.new(uri.host, uri.port)
    https.use_ssl = true
    https.verify_mode = OpenSSL::SSL::VERIFY_NONE

    request = Net::HTTP::Post.new(uri.path,
                initheader = {'Content-Type' =>'application/json'})

    request.set_form_data({"client_id"     => 'bc81e2eb4fa77a0a8a2344aa99b5fb1e',
                           "client_secret" => 'd19160ac880a0d7a13abb87b90f66d8e',
                           "grant_type"    => 'authorization_code',
                           "code"          => 'a210a1d0beba7e3a1ef7f4133d7a3d3c',
                           "redirect_uri"  => 'http://localhost:3000',
                           "scope"         => 'names basic haplogroups relatives'})

    response = https.request(request)
    data = JSON.load response.read_body
    return data
end

puts get_token

quite straightforward, however I keep getting the following error:

{"error_description"=>"redirect_uri doesn't match", "error"=>"invalid_request"}

What am I missing here?

Answer 1

Typically with OAuth2 when fetching token, given redirect URI should match the redirect URI of OAuth application. The error indicates that it does not match.

Also you are setting 'Content-Type' => 'application/json' header for the request, do you mean 'Accept' => 'application/json'?