Hoping someone can set me on the right path here. I'm trying to complete OAuth authentication with a web service that requires a whitelisted redirect URI. On SmartThings, the documentation states that it should always be
https://graph.api.smartthings.com/oauth/callback, which works fine since I can add that to the whitelist and everyone is happy.
With HE, it seems (at least from examples I've stumbled across) that I may need to use a URI that is specific to each installation, which doesn't really mesh with the suggested best practices for OAuth since the service would have to allow whitelisting URI patterns.
So...what is the "correct" redirect_uri to use?
Is ST acting as a proxy for those callbacks
or am I misunderstanding the OAuth flow? (yes, they are)