Google Oauth2.0 web application's “Authorized redirect URIs” must end with a public top-level domain (such as .com or .org)?

Question

When create a Google API Oauth2.0 Credentials on Google Developers Console, I choose \"Web Application\" Application type.

In the \"Authorized redirect URIs\" field, I c

Answer 1

There is help text near "Authorized redirect URIs" field, that clearly states that you cannot use public IP addresses:

Authorized redirect URIs

For use with requests from a web server. This is the path in your application that users are redirected to after they have authenticated with Google. The path will be appended with the authorization code for access. Must have a protocol. Cannot contain URL fragments or relative paths. Cannot be a public IP address.

127.0.0.1 is not public IP, but a loopback, that's why http://127.0.0.1/callback works fine. localhost also could be used: http://localhost/callback

Except to bind a public top-level domain to my server, what else can I do?

You can use free DNS by http://xip.io/. So for IP 99.99.99.99 use http://99.99.99.99.xip.io/callback. And it would be resolved to http://99.99.99.99/callback.