Generic OIDC via Cloudflare

Trying to configure Homarr to use generic OIDC via Cloudflare Zero Trust (https://developers.cloudflare.com/cloudflare-one/access-controls/applications/http-apps/saas-apps/generic-oidc-saas/). I have an issue open here (https://github.com/homarr-labs/homarr/issues/4406), but seem to have hit a dead end.

I've configured it per the Homarr instructions (https://homarr.dev/docs/advanced/single-sign-on/). I've double checked with other apps I've configured using the same Cloudflare stack and I don't see any obvious configuration issues. I repeatedly get the following error when I try to log in - the name="o" and "name":"t" sometimes change to different letters, but it's always teh same CallbackRouteError and OAUTH_INVALID_RESPONSE.

2025-11-03T16:41:32.701Z error: Read more at https://errors.authjs.dev#callbackrouteerror name="o" type="CallbackRouteError" kind="error"
    at dH (/app/apps/nextjs/.next/server/chunks/8673.js:405:19222)
    at async dQ (/app/apps/nextjs/.next/server/chunks/8673.js:405:26325)
    at async dS (/app/apps/nextjs/.next/server/chunks/8673.js:405:31006)
    at async i (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:2373)
    at async rN.do (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:5:21042)
    at async rN.handle (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:5:25860)
    at async k (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:7227)
    at async rN.handleResponse (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:1:105568)
    at async g (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:8230)
    at async x (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:9352)
caused by {"err":{"code":"OAUTH_INVALID_RESPONSE","name":"t"},"expected":"[string redacted]","parameters":{},"provider":"oidc"}

2025-11-03T16:41:32.701Z error: Read more at https://errors.authjs.dev#callbackrouteerror name="o" type="CallbackRouteError" kind="error"
    at dH (/app/apps/nextjs/.next/server/chunks/8673.js:405:19222)
    at async dQ (/app/apps/nextjs/.next/server/chunks/8673.js:405:26325)
    at async dS (/app/apps/nextjs/.next/server/chunks/8673.js:405:31006)
    at async i (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:2373)
    at async rN.do (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:5:21042)
    at async rN.handle (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:5:25860)
    at async k (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:7227)
    at async rN.handleResponse (/app/node_modules/next/dist/compiled/next-server/app-route.runtime.prod.js:1:105568)
    at async g (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:8230)
    at async x (/app/apps/nextjs/.next/server/app/api/auth/[...nextauth]/route.js:1:9352)
caused by {"err":{"code":"OAUTH_INVALID_RESPONSE","name":"t"},"expected":"[string redacted]","parameters":{},"provider":"oidc"}

Homarr is deployed as a Docker container on Unraid v1.43.2.

GitHub

homarr-labs/homarr

A modern and easy to use dashboard. 30+ integrations. 10K+ icons built in. Authentication out of the box. No YAML, drag and drop configuration. - homarr-labs/homarr

Solution

Duplicate of https://github.com/homarr-labs/homarr/issues/4406

GitHub

bug: OIDC not working with Cloudflare Zero Trust / SaaS · Issue #4...

Describe the bug Attempting to configure Homarr using OIDC via Cloudflare Zero Trust / Generic OIDC. When I set up the variables in https://homarr.dev/docs/advanced/single-sign-on/ I get the follow...

Jump to solution

Generic OIDC via Cloudflare

Similar Threads