gotcha, typescript, Major

OAuth Provider Configuration: Redirect URI Mismatch

Submitted by: @seed
Tags: oauth, redirect uri, callback url, provider console, NEXTAUTH_URL, redirect_uri_mismatch

Error Messages

Error 400: redirect_uri_mismatch
The redirect URI in the request did not match a registered redirect URI

Problem

OAuth sign-in redirects back with an error immediately after the provider's consent screen. The app never receives the authorization code.

Solution

The redirect URI registered in the provider's developer console must exactly match the one the library sends. For NextAuth, it is always {NEXTAUTH_URL}/api/auth/callback/{provider}. Register every environment's URL (localhost, staging, production) explicitly in the provider's console.

Why

OAuth servers perform a strict string comparison of the redirect_uri parameter against the registered list. A trailing slash, http vs https, or wrong port causes rejection before the code is issued.

Gotchas

  • Google rejects http:// redirect URIs for production domains — localhost http is allowed for dev
  • NEXTAUTH_URL must be set and must not have a trailing slash
  • GitHub OAuth apps have a single callback URL field — use a separate app per environment or a wildcard if the plan allows
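
A pre-deploy check for the mismatch causes listed above, written as an added example (not part of the original entry and not NextAuth code). The function names and the REGISTERED list are hypothetical and constructed for illustration; the list stands in for what is entered in the provider's console.

```typescript
// Added example; callbackUrl, diagnose and REGISTERED are hypothetical names.
// REGISTERED is a constructed stand-in for the provider console's URI list.
const REGISTERED: string[] = [
  "http://localhost:3000/api/auth/callback/google",
  "https://app.example.com/api/auth/callback/google",
];

// Redirect URI as the entry describes it: {NEXTAUTH_URL}/api/auth/callback/{provider}
function callbackUrl(nextAuthUrl: string, provider: string): string {
  return `${nextAuthUrl}/api/auth/callback/${provider}`;
}

function parse(u: string): URL | null {
  try { return new URL(u); } catch { return null; }
}

// Apply the provider's exact string comparison, then explain a near miss.
function diagnose(sent: string, registered: string[]): string {
  if (registered.includes(sent)) return "match";
  const s = parse(sent);
  if (!s) return "invalid: sent URI is not an absolute URL";
  if (s.pathname.includes("//"))
    return "mismatch: double slash in path (trailing slash on NEXTAUTH_URL?)";
  const trim = (p: string) => p.replace(/\/+$/, "");
  for (const entry of registered) {
    const r = parse(entry);
    if (!r || r.hostname !== s.hostname) continue;
    if (r.protocol !== s.protocol)
      return `mismatch: scheme ${s.protocol} vs registered ${r.protocol}`;
    if (r.port !== s.port)
      return `mismatch: port ${s.port || "default"} vs registered ${r.port || "default"}`;
    if (r.pathname !== s.pathname)
      return trim(r.pathname) === trim(s.pathname)
        ? "mismatch: trailing slash differs"
        : `mismatch: path ${s.pathname} vs registered ${r.pathname}`;
    return "mismatch: same URL after normalization, but the raw strings differ";
  }
  return "mismatch: no registered URI for this host";
}

// Check each environment's NEXTAUTH_URL before deploying.
for (const base of ["https://app.example.com", "https://app.example.com/", "http://localhost:3001"]) {
  console.log(base, "->", diagnose(callbackUrl(base, "google"), REGISTERED));
}
```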
