First of all, thanks for this plugin! Seems to work great!
When setting a custom cpTrigger in general.php we do that to hide our url for the control panel on purpose. So it's not great to have this cp trigger used as an url segment on the redirectUri of the oAuth apps.
I searched for a setting in the plugin to change this behaviour, but couldn't find one.
Please remove the cpTrigger as a segment from the redirectUri. Just domain/oath/... should be sufficient I'd say. But correct me if I'm wong. That way we don't expose the url to the cp inlog (even when it's only used in the back channel).
First of all, thanks for this plugin! Seems to work great!
When setting a custom cpTrigger in general.php we do that to hide our url for the control panel on purpose. So it's not great to have this cp trigger used as an url segment on the redirectUri of the oAuth apps.
I searched for a setting in the plugin to change this behaviour, but couldn't find one.
Please remove the cpTrigger as a segment from the redirectUri. Just
domain/oath/...
should be sufficient I'd say. But correct me if I'm wong. That way we don't expose the url to the cp inlog (even when it's only used in the back channel).Thanks!