OAuth Providers
Configure Google and GitHub OAuth credentials
Variables
| Variable | Required | Purpose |
|---|---|---|
GOOGLE_CLIENT_ID | Yes (for Google OAuth) | Google OAuth client identifier. |
GOOGLE_CLIENT_SECRET | Yes (for Google OAuth) | Google OAuth client secret. |
GITHUB_CLIENT_ID | Yes (for GitHub OAuth) | GitHub OAuth app client ID. |
GITHUB_CLIENT_SECRET | Yes (for GitHub OAuth) | GitHub OAuth app secret. |
Google OAuth
- Open Google Cloud Console.
- Open
APIs & Services -> OAuth consent screenand complete required fields. - Go to
APIs & Services -> Credentials. - Click
Create credentials -> OAuth client ID. - Select application type
Web application. - Add authorized redirect URLs:
http://localhost:3000/api/auth/callback/googlehttps://<your-domain>/api/auth/callback/google
- Click create and copy client ID/secret to env.
GOOGLE_CLIENT_ID="...apps.googleusercontent.com"
GOOGLE_CLIENT_SECRET="..."GitHub OAuth
- Open https://github.com/settings/developers.
- Click
OAuth Apps -> New OAuth App. - Fill app name and homepage URL.
- Set callback URLs:
http://localhost:3000/api/auth/callback/githubhttps://<your-domain>/api/auth/callback/github
- Click create app.
- Copy client ID and generate client secret.
GITHUB_CLIENT_ID="..."
GITHUB_CLIENT_SECRET="..."Security Notes
- Do not expose client secrets to browser code.
- Use separate OAuth apps for dev and production when possible.
- Keep callback URLs exact (protocol + domain + path).