I am implementing server side oauth for google youtube api.
I am not able to understand why is redirect uri needed for a server side oauth.
The application gets the token and flow remains on my server. Internet suggest to put localhost just to make it work, I get it but why?
Redirect uri is used for desktop / installed and web applications.
It is needed so that the authorization server knows where to return the authorization code back to.
In the case of an installed /desktop app its normally just localhost but in the case of a webserver it will be the location on the webserver designed to handle the Oauth2 authorization flow.
Google does offer another type of authorization called service accounts which is true server to server authorization though a secretary token. However not all google apis support it.
The YouTube api does not support service accounts
So to answer your question. You need a redirect uri in order to authorize your application to the YouTube api it doesn't matter if you are doing this server to server a user is still going to have to authorize the application at least once.