@Praxis I believe you don’t understand how this works. You can set any URL as the redirect URL, as long as you set the exact same URL in your clientid settings as the APP. Then when you are redirected to that URL (on the client side) you read the authtoken out of the URL and fail the redirection. This is how OAuth based authentication is done industry wide.