OAuth providers

GoogleGitHub

1. Go to Google Cloud Console
2. Create a project (or select an existing one)
3. Enable the Google+ API or People API (for user profile)
4. Go to APIs & Services → Credentials and create OAuth 2.0 Client ID
5. Choose Web application
6. Add Authorized redirect URI: http://localhost:8080/api/auth/google/callback (dev) or https://your-domain.com/api/auth/google/callback (production)
7. Copy Client ID and Client secret into config or env vars

1. Go to GitHub Developer Settings
2. Click New OAuth App
3. Set Application name and Homepage URL
4. Set Authorization callback URL: https://your-domain.com/api/auth/github/callback (must use HTTPS in production)
5. Copy Client ID and generate Client secret into config or env vars

Config and environment

Config fileEnvironment variables

auth:
  oauth_redirect_url: https://your-domain.com/api/auth/google/callback
  providers:
    google:
      enabled: true
      client_id: xxx.apps.googleusercontent.com
      client_secret: xxx
    github:
      enabled: true
      client_id: xxx
      client_secret: xxx

export OAUTH_REDIRECT_URL="https://your-domain.com/api/auth/google/callback"
export GOOGLE_CLIENT_ID="xxx.apps.googleusercontent.com"
export GOOGLE_CLIENT_SECRET="xxx"
export GITHUB_CLIENT_ID="xxx"
export GITHUB_CLIENT_SECRET="xxx"

Callback URLs

The backend derives callback URLs from oauth_redirect_url:

• Google: {oauth_redirect_url} (use the Google callback path)
• GitHub: Replace /google/ with /github/ in the path

So if oauth_redirect_url is https://example.com/api/auth/google/callback, the GitHub callback is https://example.com/api/auth/github/callback.