Error: The redirect URIs must not contain a fragment identifier

How to handle the error : The redirect URIs must not contain a fragment identifier.

Remove everything after the # and you should be good to go.

Removing the # works.

My main requirement is to land the user directly on pinboards page (part after the #) though.

What you are doing is unclear.

Anything after the fragment represented as # will not be retrievable by the server. It looks like you are trying to do an authorization code flow (server-side flow) so you would never be able to read the authorization code.

Can you go into a little more information into what you are building (frontend / backend) are you trying to get an access token into your SPA to call an API? Or are you trying to create a server-side session for the application as a whole?

I have a similar situation. My SPA grabs the code query parameter and passes it to my backend to handle user account creation, get refresh tokens etc. I’m currently using a fragment identifier with the Salesforce oauth redirect flow and its working fine. Why do you prevent fragments for callbacks?

Salesforce returns something that looks like: