GIP oauth2callback redirect URL

This oauth2callback is the GAS delegation endpoint used only when a Genero Identity Provider (GIP) is configured to use an external IdP.

Note:

Do not confuse this oauth2callback with GAS’s standard oauth2callback URL (GAS SSO oauth2callback redirect URL) — that one is different and used for non‑delegated Single sign-on.

This redirect URL is where the IdP returns the user-agent with the OAuth2 ID token. It consists of:

Base GAS URL where the app is installed
GIP service path: GeneroIdentityProvider.xcf (default GIP service in GWS)
Entry point: oauth2callback/v1

Following this explanation, unless some URL rewriting has occurred and is configured in the web server, the URL will be:

http://host:port[/gas]/ws/r/services/GeneroIdentityProvider/oauth2callback/v1

Replace host, port, and the optional /gas with the values from your GAS deployment.

Ensure the redirect URL is entered exactly (including scheme and path); an incorrect or mismatched redirect URL will cause the IdP to reject the redirect and the authentication flow will fail.

Use https in production deployments; some IdPs require HTTPS redirect URIs.
If your deployment uses a load balancer, reverse proxy, or external hostname, register the public-facing host:port and path users will be redirected to (not an internal host).
If your GAS runs behind a web server configuration (for example, Apache, Nginx) with a connector alias, include the /gas segment. If not, omit it.

The redirect URL needs to be provided to the external IdP providing Single sign-on service via the GIP.