I am trying to use the OAuth sign in flow to authorize an app for a user. The app is a mobile application. I have the following working by redirecting to a callback and then redirects to my mobile app.
I have an issue where users need to confirm their device, it does not redirect to my mobile app.
A couple of questions:
How can I reproduce the device verification when testing? I’ve tried removing all signed out sessions on my accounts and removing the devices, but that doesn’t trigger the flow.
There is a setting for native applications in the Oauth flow:
“Mobile verification deeplink (native applications)
Coinbase OAuth sign up and sign in often requires user to complete email and device verification via email. To successfully redirect user back to your application, you can specify a direct deeplink which will automatically be followed after successful verification.”
I specified my app, however, it does not redirect for users. Is this supported, there seems to be limited documentation as the mobile sdks were deprecated some time back.
Thank you for using Coinbase forum, we are happy to help you.
For mobile applications, you can set the redirect_uri to a special value when registering a new OAuth2 application: urn:ietf:wg:oauth:2.0:oob. This value tells our servers to render a blank page with the authorization code in the URL and title of the page, which can be parsed by your application. Additionally, for native mobile applications, a special verifications deeplink can be specified as part of your OAuth application’s advanced settings. This link will be opened automatically on successful verification, achieving a seamless transition. To test the device verification flow, you can try removing all signed out sessions on your accounts and removing the devices. If this does not trigger the flow, please contact our support team for further assistance.
To reproduce the device verification when testing, you can use the API reference to generate a webhook signature. Always verify the webhook signature before acting on it inside your system.
Yes, this is supported. You can find more information about the mobile verification deeplink in the Coinbase OAuth documentation. Additionally, you can find more information about the Coinbase Wallet SDK and how to integrate it with Web3 in the Coinbase Wallet SDK documentation.