gotcha | typescript | Major
OAuth Provider Configuration: Redirect URI Mismatch
oauth, redirect uri, callback url, provider console, NEXTAUTH_URL, redirect_uri_mismatch
Error Messages
Problem
OAuth sign-in redirects back with an error immediately after the provider's consent screen. The app never receives the authorization code.
Solution
The redirect URI registered in the provider's developer console must exactly match the one the library sends. For NextAuth, it is always {NEXTAUTH_URL}/api/auth/callback/{provider}. Register every environment's URL (localhost, staging, production) explicitly in the provider's console.
Why
OAuth servers perform a strict string comparison of the redirect_uri parameter against the registered list. A trailing slash, http vs https, or wrong port causes rejection before the code is issued.
Gotchas
- Google rejects http:// redirect URIs for production domains — localhost http is allowed for dev
- NEXTAUTH_URL must be set and must not have a trailing slash
- GitHub OAuth apps have a single callback URL field — use a separate app per environment or a wildcard if the plan allows
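A pre-deployment check for the exact-match rule described above, written as an added example (it is not NextAuth's or any provider's code). It builds the callback URL from NEXTAUTH_URL and compares it character for character against the URIs registered in the console; the function names and the sample URLs are constructed for illustration.

```typescript
// Added example. All hostnames and URLs used here are constructed.
type Diagnosis = { callback: string; match: boolean; hints: string[] };
type Parts = { scheme: string; host: string; port: string; path: string };

// Callback URL in the form given above: {NEXTAUTH_URL}/api/auth/callback/{provider}
function callbackUrl(nextAuthUrl: string, provider: string): string {
  return nextAuthUrl + "/api/auth/callback/" + provider;
}

// Split a URL into the parts that commonly differ, without normalising the path.
function parts(u: string): Parts | null {
  const m = /^([a-z][a-z0-9+.-]*):\/\/([^\/:?#]+)(?::(\d+))?([^?#]*)/i.exec(u);
  if (!m) return null;
  return {
    scheme: (m[1] ?? "").toLowerCase(),
    host: (m[2] ?? "").toLowerCase(),
    port: m[3] ?? "",
    path: m[4] ?? "",
  };
}

function diagnose(nextAuthUrl: string, provider: string, registered: string[]): Diagnosis {
  const callback = callbackUrl(nextAuthUrl, provider);
  const hints: string[] = [];
  if (nextAuthUrl.slice(-1) === "/") hints.push("NEXTAUTH_URL has a trailing slash");
  // Exact string comparison, mirroring what the provider does with redirect_uri.
  if (registered.indexOf(callback) !== -1) return { callback, match: true, hints };
  const sent = parts(callback);
  for (const r of registered) {
    const reg = parts(r);
    if (!sent || !reg || sent.host !== reg.host) continue; // unrelated entry
    if (sent.scheme !== reg.scheme) hints.push("scheme differs from " + r);
    if (sent.port !== reg.port) hints.push("port differs from " + r);
    if (sent.path !== reg.path) hints.push("path differs from " + r);
  }
  return { callback, match: false, hints };
}

// Constructed scenario: production NEXTAUTH_URL set with a trailing slash.
function demo(): Diagnosis {
  return diagnose("https://app.example.com/", "google", [
    "http://localhost:3000/api/auth/callback/google",
    "https://app.example.com/api/auth/callback/google",
  ]);
}
```

Running this in CI with each environment's NEXTAUTH_URL and the list copied from the provider console catches the mismatch before a user reaches the consent screen.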