Breaking Change for OAuth 2.0

OAuth 2.0 changes previously announced on 2022-03-15 are now live.

OAuth 2.0 Authorization URL Redirect

The OAuth 2.0 Authorization URL now redirects to https://app.blackbaud.com/oauth/authorize. Applications should continue using https://oauth2.sky.blackbaud.com/authorization as the OAuth 2.0 Authorization URL unless the application has a specific need that requires bypassing the redirect.

Breaking change - OAuth 2.0 Cipher Suite Support

Traffic to OAuth 2.0 is now required to use the following cipher suites:

  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Our documentation has been updated to reflect these changes.
Authorization | TLS Requirements

Categories