By Adam Nagy
When creating your own buckets or uploading files to them on OSS, you only need to use 2 legged OAuth.
However, when accessing content on A360, you need to use 3 legged OAuth which requires a Callback URL. This URL will be called by our web service once the user authorized your app to do the operations it requested permission for - i.e. once the user clicked ALLOW on this dialog:
One problem is that when you register your app on the Forge website, the Callback URL cannot be "127.0.0.1" or "localhost". It needs to be something like "name.something": e.g. "example.com", "local.host", etc.
Fortunately, you can create such a mapping on your local system. Once you mapped e.g. "dev.example.com" to "127.0.0.1" then you could provide something like this as a Callback URL for your app (including the callback path in your app: /api/autodesk/callback, and the port number: 8000):