Has the Authorization process changed recently?

We set http://somewhere.com/something.php?somevar=1&othervar=2 as the return url in the authorization process. The problem is that IFS sends the browser to http://somewhere.com/something.php?somevar=1amp;othervar=2&code=auth_code_here (& left out just after the =1 or it is not displayed the way we want it to here in the forum)

How can we preserve the othervar value? It’s needed for routing the application on our end. We tried having all & as & just in case there’s some strange urlencoding going on in the IFS side, but it seems to make no difference. urlencoding the entire url makes the IFS server go 500

This has worked in the past and seems to have just recently stopped returning the proper return URL.


Nothing about this process has changed since we migrated traffic to Apigee (six months ago) but it does appear to not be working correctly for multiple values. I’ll log a bug ticket for it, but in the meantime there are several workarounds:

  1. Base64 encode all your properties into a single value (JSON stringify → Base64 would be easiest) and just pass it as the first one. I appears that if you specify a single value it is passed successfully. Then just decompose that back into your internal model on the other end.

  2. Use path-based routing to incorporate the properties into the URI itself (/recieveauth/user/{id}/email/{email}) then just include it in the URI. Most webservice frameworks have a way to capture path parameters from those properties.

Thank you Tom…unfortunately neither of your suggested work arounds will work for us…We will have to build our own work around.

How can I be informed when this is resolved?



Are you sure you tried his work arounds? Both those work arounds would collectively take more than a couple of hours to implement and test properly and yet, your post back was in that short amount of time, so I’m inclined to think that you may have mis-read something he suggested.

Hi John,

Thanks for checking in and asking…This is a return to a request made on a Joomla website where Joomla needs the URL formatted a particular way to process the return.

My Joomla developer says it will not work, and I take him at his word as he has years of Joomla development experience. He has built a work around plugin (different meaning from a WP plugin) that makes it an internal two step process (hidden from the user). We have that working.

Thanks again,

1 Like

The state parameter is is intended for this. It is optional but highly recommended. When you send us a state param in the authorization we echo back the state when we redirect you. There is an issue if the redirect_uri contains more than one query param, but a single param and state works.

1 Like