This guide will help you set up Google and GitHub OAuth authentication for your chat application using Appwrite.
- An Appwrite project (Cloud or Self-hosted)
- Google Cloud Console account
- GitHub account
-
Navigate to your Appwrite Console
- Go to your Appwrite project dashboard
- Click on Auth in the left sidebar
- Go to Settings tab
-
Configure OAuth Providers
- Scroll down to OAuth2 Providers
- Enable Google and GitHub providers
-
Go to Google Cloud Console
- Visit: https://console.cloud.google.com/
- Create a new project or select existing one
-
Enable Google+ API
- Go to APIs & Services > Library
- Search for "Google+ API" and enable it
-
Configure OAuth Consent Screen
- Go to APIs & Services > OAuth consent screen
- Choose External user type
- Fill in required fields:
- App name:
Your App Name - User support email:
your-email@domain.com - Developer contact:
your-email@domain.com
- App name:
-
Create OAuth Client ID
- Go to APIs & Services > Credentials
- Click + CREATE CREDENTIALS > OAuth client ID
- Choose Web application
- Configure:
- Name:
Your App OAuth Client - Authorized JavaScript origins:
http://localhost:3000 https://yourdomain.com - Authorized redirect URIs:
provided in the appwrite console oauth2 modal
- Name:
-
Copy Credentials
- Copy the Client ID and Client Secret
- Paste them in your Appwrite Google OAuth provider settings
-
Go to GitHub Settings
- Visit: https://github.com/settings/applications/new
- Or go to GitHub > Settings > Developer settings > OAuth Apps
-
Register New OAuth App
- Application name:
Your App Name - Homepage URL:
https://yourdomain.comorhttp://localhost:3000 - Authorization callback URL:
provided in the appwrite console oauth2 modal
- Application name:
-
Get Credentials
- Copy the Client ID
- Generate and copy the Client Secret
- Paste them in your Appwrite GitHub OAuth provider settings
- In Appwrite Console, find the Google OAuth2 provider
- Paste your Google Client ID in the App ID field
- Paste your Google Client Secret in the App Secret field
- Click Update
- In Appwrite Console, find the GitHub OAuth2 provider
- Paste your GitHub Client ID in the App ID field
- Paste your GitHub Client Secret in the App Secret field
- Click Update
Make sure your application handles these redirect URLs:
- URL:
/auth/success - Purpose: Handles successful OAuth authentication
- Behavior: Verifies user and redirects to main app
- URL:
/auth/failure - Purpose: Handles failed OAuth authentication
- Behavior: Shows error message and redirects back
-
Start your development server
npm run dev
-
Test OAuth flows
- Click "Continue with Google" in the auth modal
- Click "Continue with GitHub" in the auth modal
- Verify successful authentication and redirection
When deploying to production:
-
Update Google OAuth Client
- Add your production domain to Authorized JavaScript origins
- Update the Authorized redirect URIs with your production Appwrite endpoint
-
Update GitHub OAuth App
- Update Homepage URL to your production domain
- Update Authorization callback URL with your production Appwrite endpoint
-
Verify Appwrite Settings
- Ensure your OAuth providers are configured with production credentials
- Test authentication flows in production environment
-
"redirect_uri_mismatch" Error
- Check that your redirect URIs match exactly in both provider settings and Appwrite
- Ensure you're using the correct Appwrite project ID
-
"invalid_client" Error
- Verify your Client ID and Client Secret are correct
- Check that the OAuth app is not in development mode (for production)
-
CORS Issues
- Ensure your domain is added to the authorized origins
- Check Appwrite's allowed origins settings
To debug OAuth issues:
- Check browser network tab for failed requests
- Review Appwrite logs in the console
- Verify all URLs and credentials match exactly
- Never commit OAuth secrets to version control
- Use environment variables for sensitive credentials in production
- Regularly rotate OAuth secrets
- Monitor OAuth usage in your provider dashboards