I am having a problem with specifying the redirect-uri for "../common/oauth2/token" call on MS cloud services (Sharepoint online/ OneDrive etc...).
The problem is that our client application is multitenant, hosted in a cloud, so we cannot use "localhost" uri. The redirect uri to our client app needs to be somehow dynamic but unfortunately AAD validates the uri against predefined list of redirect URIs.
I only have an experience with DropBox OAuth flow where you can omit the redirect-uri and it will show the page with authorization code to the user so he can copy-paste it to his client app and retrieve the token... but I think its not possible in this OneDrive auth. case.
Is there a prefered solution to this problem? For example hosting a dedicated service that will consume those redirect calls and that will show the authorization code to the user?
I found out that I could use app-only token so I don't need an user interaction anymore. It is covered here: https://msdn.microsoft.com/en-us/office/office365/howto/building-service-apps-in-office-365