重要补充:我发现在跨客户端服务器认证流程中，当你从Web SDK接收到serverAuthCode时，你应该使用“postmessage”，当你从Android或iOS SDK接收到serverAuthCode时，将redirect_uri设置为空。

在我的例子中，重置secret ('reset secret'-按钮)就成功了。

在我的例子中，redirect-uri是http://127.0.0.1:5000/auth/google/callback 我一直在http://localhost:5000/auth/google上请求 确保您使用的是localhost还是127.0.0.1。

Let me complete @Bazyl's answer: in the message I received, they mentioned the URI "http://localhost:8080/" (which of course, seems an internal google configuration). I changed the authorized URI for that one, "http://localhost:8080/" , and the message didn't appear anymore... And the video got uploaded... The APIS documentation is VERY lame... Every time I have something working with google apis, I simply feel "lucky", but there's a lack of good documentation about it.... :( Yes, I got it working, but I don't yet understand neither why it failed, nor why it worked... There was only ONE place to confirm the URI in the web, and it got copied in the client_secrets.json... I don't get if there's a THIRD place where one should write the same URI... I find nor only the documentation but also the GUI design of Google's api quite lame...

I had this problem using Meteor and Ngrok, while trying to login with Google. I put the Ngrok URL in the Google Developer Console as redirect URLs, and went to the Ngrok URL page. The thing was that I didn't use Meteor's ROOT_URL when executing the app, so any redirect would go to localhost:3000 insted of the Ngrok URL. Just fixed it by adding the Ngrok URL as ROOT_URL on Meteor's configuration or by exporting it before executing the app on the terminal like: export ROOT_URL=https://my_ngrok_url

这个问题的主要原因只会来自chrome和chrome处理WWW和非WWW不同取决于你如何在浏览器中输入你的URL，它从谷歌搜索并直接显示结果，所以发送的重定向URL在不同的情况下是不同的

添加所有可能的组合，你可以找到确切的url从fiddler, 400错误弹出不会给你确切的http和www信息