OAuth 2.0 Callback URL using http not https


I am attempting to integrate OAuth 2.0 on an app running on a private server. I am trying to set the callback URL as an insecure http address but the “Save changes” button is grayed out. We have an existing app created ~3 years ago, integrated with OAuth 2.0 using an insecure http callback URL.

Is there a work around for this that I am unware of, or was the requirement for the callback URL to be a secure https address added sometime since then?


Thanks in advance for any help!

As far as I checked, callback URLs in Atlassian Authorization webpage only allows https for any URL you write… except if it’s “localhost”. You can use http if your URL point to a localhost address, like:

I think (I’m not sure, i’m just a noob) this is how OAuth2 works, not something with Atlassian.

1 Like