Live and Sandbox Web OAuth Integration

API Issues
1

We are using a live and sandbox web OAuth integration that has previously worked reliably.

Current behaviour:

  • Our request to /oauth2/authorise succeeds and returns 302.

  • We extract the returned response_headers.redirect_url, which is a Companies House identity journey URL of the form /oauth2/user/choose-your-signin?request=....

  • That URL is then opened immediately for the user to continue login/authorisation.

  • The journey now fails on “Page not found”.

We have verified:

  • client details and registered redirect URI (for both environments),

  • that we have used the correct details for the live and sandbox environments (i.e. we haven’t mixed them up),

  • no apparent mutation of the returned redirect_url between backend receipt and frontend use.

Please can you confirm whether there has been any change to validation, lifetime, or browser/session requirements for the intermediate identity journey URL returned by /oauth2/authorise, or whether there is a current issue affecting these URLs in live.

The last test performed using client id 0ab94174-4522-4f54-bd49-a5765eef25bb in live was timed at 2026-04-08 14:40:47.