API authorization
Whitelabel the OAuth flow
Guide to whitelabel the OAuth flow.
Use your own OAuth app
OAuth APIs require developers to register an OAuth app on their developer portal. Nango does not own this developer app, you do. This means that you have full control on the OAuth settings & permissions.
Use a custom callback URL
Some API providers (e.g. Google) show the domain of the callback URL to the user during the OAuth flow. By default, the domain of the callback URL is api.nango.dev
.
You can whitelabel this experience by using a custom callback URL which uses your domain.
If you are using Nango Cloud, follow these steps:
- Add a new endpoint in your app, e.g.
https://EXAMPLE.com/oauth-callback
. All requests to this endpoint should redirect tohttps://api.nango.dev/oauth/callback
and pass along all original parameters. The easiest way to do this is with a 308 redirect. - Change the registered OAuth callback URL with all API providers. Otherwise, they will refuse new authorization flows!
- Before updating the callback URL in the Nango Environment Settings tab, double check (and ideally test) that steps 1 and 2 are done. If the redirect is missing or the wrong callback URL is registered with an external API, authorization attempts will fail. Additionally, since settings are specific to each environment, you must manually update the callback URL for every environment you have.
If you are self-hosting Nango, follow the instructions here to change your callback URL.
Questions, problems, feedback? Please reach out in the Slack community.
Was this page helpful?