Google OAuth 2.0 "error" : "redirect_uri_mismatch"

The docs say in Step 1 (https://developers.google.com/+/web/signin/server-side-flow#step_1_create_a_client_id_and_client_secret) that there must be no redirect URIs configured, only "Authorized JavaScript origins". In the authorization request and the token exchange, the redirect_uri parameter value should be set to postmessage.

Edit: Prior art on this: Google OAuth 2 authorization - Error: redirect_uri_mismatch


Just ran into this problem myself. In my case, my credentials were set up for an installed application, NOT a web application. It seems that installed applications cannot be configured with redirect URLs. I created a new credential as a web application, and this gave me the option to set a series of redirect URLs.

Following the advice of this and other answers, I made sure the URLs matched (copy-paste) and this functioned correctly for me. I also did this in an Incognito window.

The result was my browser being forwarded to the URL I put in the redirect_url parameter with a special query string parameter code populated with the code to use for the next step.
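
An added example, not part of either answer above: a small diagnostic that reports why a redirect_uri would be rejected, covering the postmessage case from the first answer and the installed-application and copy-paste cases from the second. It assumes the provider compares the redirect URI as an exact string; the function name, the `client_type` values and the sample URIs are hypothetical.

```python
from urllib.parse import urlsplit

def diagnose_redirect_uri(requested, registered, client_type="web"):
    """Explain why `requested` would fail an exact-match check against
    `registered` (the redirect URIs on the OAuth client). Empty list = OK."""
    if requested == "postmessage":
        # First answer: this flow wants no redirect URIs, only JavaScript origins.
        return (["'postmessage' used but redirect URIs are configured"]
                if registered else [])
    if client_type != "web":
        # Second answer: installed-application credentials offer no redirect URLs.
        return [f"client type '{client_type}' has no configurable redirect URIs"]
    if requested in registered:  # exact string comparison, no normalisation
        return []
    req = urlsplit(requested)
    reasons = []
    for candidate in registered:
        reg = urlsplit(candidate)
        diffs = []
        if req.scheme != reg.scheme:
            diffs.append(f"scheme {req.scheme!r} vs {reg.scheme!r}")
        if req.netloc != reg.netloc:
            diffs.append(f"host/port {req.netloc!r} vs {reg.netloc!r}")
        if req.path != reg.path:
            same_stem = req.path.rstrip("/") == reg.path.rstrip("/")
            kind = "trailing slash" if same_stem else "path"
            diffs.append(f"{kind} {req.path!r} vs {reg.path!r}")
        if req.query != reg.query:
            diffs.append(f"query {req.query!r} vs {reg.query!r}")
        detail = "; ".join(diffs) or "differs outside scheme/host/path/query"
        reasons.append(f"{candidate}: {detail}")
    return reasons or ["no redirect URIs are registered for this client"]

# Constructed sample values (hypothetical client configuration).
REGISTERED = ["https://app.example.com/oauth2callback"]

if __name__ == "__main__":
    for uri in ("https://app.example.com/oauth2callback",
                "http://app.example.com/oauth2callback",
                "https://app.example.com/oauth2callback/"):
        print(uri, "->", diagnose_redirect_uri(uri, REGISTERED) or "match")
```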