As we’ve shared over the past few months, we will implement heightened security protocols for our OAuth integration clients. This will start with our 15 November release next week.
This requires an update from some users of our public or member APIs. We are now requiring exact domains to be registered for the OAuth redirect URIs and will no longer make exceptions for non-matching subdomains. This will ensure we are able to keep our software up to date with the latest security patches and to deliver the highest caliber of security we can to our members.
More information:
Please confirm that the redirect URIs that you are using in your OAuth process are matching the ones registered to your API Credentials.
If you need any help with this, please contact support@orcid.org