TikTok Login Kit: Illegal redirect link

Question

I am having a look at the new TikTok Login Kit for Web and am stuck on the redirect step.

Similarly to all oAuth-based services out there, when you register your app, they should ask for valid redirect URLs. In the case of TikTok, they ask for redirect domains, as shown below:

Then, based on their official documentation, you just need to call

https://open-api.tiktok.com/platform/oauth/connect/client_key=client_key&response_type=code&scope=user.info.basic&redirect_uri=redirect_uri&state=state

• Client Key is the key provided
• Redirect is https://testing.mydomain.com/signup/tiktok (which is one of the approved domains as per the screenshot above)
• State is a Unique String

I get to the TikTok authorization page, confirm, then instead of being redirected to https://testing.mydomain.com/signup/tiktok I receive the following error:

{"data":{"captcha":"","desc_url":"","description":"Illegal redirect link","error_code":10006},"message":"error"}

Tested multiple times, also adding a final slash to the redirect URL (https://testing.mydomain.com/signup/tiktok/ ) in case it was a requirement, but always get the same error.

Also tried with the production domain in case they check if the domain can be reached from public network.

Answer 1

After researching this for a couple of hours and tried Andrea's workaround, it just seems that TikTok fixed their issues and now it works as expected. So, for anyone searching a solution to this issue, I managed to get it working with the following values:

Callback URL: https://example.com/auth

*Redirect domain example.com dev.example.com