Did Yammer App Registrations just start forcing https for redirect urls?


Hey Yammer Devs,


We've set up a few apps to play around with things internally on our intranet test boxes. All http not https - its all be working fine - but I'm finding that if I try to save a new or edit and existing app on the client applications site I'm getting a new error - changes are not saved unless you specfiy an https for your redirect.


Image attached.


Did something change? I dont see an explicit reference in the App documentation? so putting it out there..

5 Replies

Rich - Thanks for your question. Our security team has made a recent change. New and updated apps must redirect to https services. Existing apps with http redirect URIs will continue to work through 2016 -- to give us time to work with developers to update their redirect URIs.

Ok - so message to your security team - communicate on the road map site :) notify your customers and update your documentation.

Actually it looks like this page has been updated today. now states https redirect. The notification to existing app users and item on the roadmap are still required steps from my perspective.

Best Response confirmed by Rich Burdes (Contributor)

I understand, and will share your feedback. The good news is that existing apps will continue to work as-is. It is only when an update is needed when devs will be asked to switch to an https Redirect URI.  I've asked for a developer blog post -- I'll post the link here when it's up.