Wildcard domain

I have an unusual use case for auth: my authentication database is shared between multiple apps running on different subdomains. Accounts created in one app also exist in other apps. This almost works. However, I’ve stumbled upon a weird problem: sometimes both Google and Email/Password authentication fail. Google reports an incorrect redirect_uri, while Email/Password reports an invalid origin. I’ve tried debugging and found that the redirect_uri was indeed incorrect – even though I was logging in from domain.com, the redirect_uri was set to xxxx.domain.com, which is not allowed. Moreover, I’ve never even opened xxxx.domain.com before. I tried clearing all cookies and local storage, but that didn’t help. What can I do?
7 Replies
bekacru (5mo ago)
Set the redirect URI directly in the provider config. For all providers you can pass 'redirectURI' in their config.
Michał (OP, 5mo ago)
Thank you! That could fix the problem for Google – I can manually set redirectURI. But I don't think it'll fix the invalid origin for email and password.
bekacru (5mo ago)
For invalid origin, what origin is shown as invalid?
Michał (OP, 5mo ago)
One of the other subdomains that I use for email/pass login.
bekacru (5mo ago)
Add it to the trustedOrigins list.
Michał (OP, 5mo ago)
That's impossible because I don't know the URL upfront. The domain could be anything and it would be infeasible to add 100000 domains to the list anyway. My trustedOrigins right now is this:
    trustedOrigins: (request) => {
      return [
        new URL(request.url).origin,
        `https://${env.NEXT_PUBLIC_VERCEL_URL}`,
      ];
    }
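
An added example (not from the thread and not the auth library's own code): one way to accept subdomains that are not known upfront is to check the request's Origin header against a fixed base domain on a label boundary, rather than listing every host. `BASE_DOMAIN`, `matchTrustedOrigin` and reading the `Origin` header inside the callback are assumptions made for illustration.

```javascript
// Hypothetical helper; BASE_DOMAIN stands in for the thread's "domain.com".
const BASE_DOMAIN = "domain.com";

// Returns the normalized origin if it is https and its host is the base
// domain or a subdomain of it; otherwise returns null.
function matchTrustedOrigin(candidate, baseDomain = BASE_DOMAIN) {
  if (typeof candidate !== "string") return null;
  let url;
  try {
    url = new URL(candidate);
  } catch {
    return null; // not a parseable URL (this includes the literal "null")
  }
  if (url.protocol !== "https:") return null;
  // An Origin value carries no credentials, path, query or fragment.
  if (url.username || url.password) return null;
  if (url.pathname !== "/" || url.search || url.hash) return null;
  const host = url.hostname; // already lowercased by the URL parser
  const base = baseDomain.toLowerCase();
  // Compare on a label boundary so that "evil-domain.com" and
  // "domain.com.evil.example" do not match.
  if (host !== base && !host.endsWith("." + base)) return null;
  return url.origin;
}

// Shaped like the callback in the post above: the caller's Origin is
// trusted only when it passes the suffix check.
function trustedOrigins(request) {
  const origin = matchTrustedOrigin(request.headers.get("origin"));
  return origin ? [origin] : [];
}
```

A check like this trusts every host under the base domain, so a subdomain that serves user-controlled content passes it as well.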
Habtemariam (5mo ago)
After sign-in with Google I set callbackURL: "/home" and it is supposed to redirect to http://localhost:5173/home, but it redirects to http://127.0.0.1:3000/home
