Plugin ID for Oauth improvements

Since the redirect uri contains the plugin id and the plugin id is randomly generated and never shared or stored anywhere - it makes it complicated to work with the auth clients as they require whitelisting the redirect uri.

Is there any way we can formalize on a “create plugin” process similar to other companies that allow a “create app” and then the various creds for it are available in a dashboard.

Or perhaps there is and Im missing something

Thanks for the feedback in this, the team just pushed some changes that will address some of the concern here. I will update the dos tomorrow with the changes!

1 Like

I just saw the dev tools options come up - cool :slight_smile:

For the moment, I overrode the oauth to have my server handle everything and then just respond back with the correct tokens and body shape. Seems to be working well. @logankilpatrick

1 Like

Let me know how I can help since I just overcame the issue - I might be able to provide feedback on my user experience to help your team build out a robust solution.

My plugin starts failing once the initial auth token has expired. I have to uninstall and reinstall the plugin to refresh the auth token. Have you seen this issue as well?

Is this issue considered resolved? I still cannot find an elegant way to get the “plugin-some_plugin_id”. Well, that is not a big deal. The OAuth provider like Google will fail first time, generating an error to indicate what ChatGPT is sending. Then, I can copy/paste the info to satisfy Google. Basically, I am using a trial and error approach.

The id seems to be stable after a plugin is installed in “Develop your own plugin” first time. That is good. I hope OpenAI would clearly state the stability of the id scheme is indeed by design, not sort of some luck.

ChatGPT generates a mysterious id like “plugin-e4a73cc9-7cac-467e-af08-10e400c45b08”. Is that a function like this F(user_id, manifest hash, timestamp, etc.)? The id is not confidential, is it? Can it be generated in advance by the developer before the plugin is deployed?