Lovable auth

OAuth Callback URL Mismatch with GitHub/Google Provider

OAuth authentication fails with error 'redirect_uri_mismatch' or callback page shows blank/error. Users cannot sign in via GitHub or Google because the configured redirect URL doesn't match.

OAuth providers validate that the redirect URL matches exactly what was registered. Any difference in protocol, domain, path, or query parameters will cause the mismatch error.

Error Messages You Might See

error=redirect_uri_mismatch invalid_request The redirect_uri provided is not registered
error=redirect_uri_mismatchinvalid_requestThe redirect_uri provided is not registered

Common Causes

  1. Localhost used in development but https://mysite.com in production config
  2. Port number mismatch (localhost:3000 vs localhost:5173)
  3. Protocol mismatch (http vs https)
  4. Trailing slash differences in callback URL
  5. Using wrong site domain after deployment

How to Fix It

In Supabase dashboard > Authentication > Providers > GitHub/Google, set redirect URLs:

Development: http://localhost:5173/auth/callback

Production: https://yourdomain.com/auth/callback

Create both entries if supporting both environments. Ensure Vite dev server runs on the exact port configured.

Real developers can help you.

BurnHavoc BurnHavoc Been around fixing other peoples code for 20 years. Yovel Cohen Yovel Cohen I got a lot of experience in building Long-horizon AI Agents in production, Backend apps that scale to millions of users and frontend knowledge as well. legrab legrab I'll fill this later Alvin Voo Alvin Voo I’ve watched the tech landscape evolve over the last decade—from the structured days of Java Server Pages to the current "wild west" of Agentic-driven development. While AI can "vibe" a frontend into existence, I specialize in the architecture that keeps it from collapsing. My expertise lies in the critical backend infrastructure: the parts that must be fast, secure, and scalable. I thrive on high-pressure environments, such as when I had only three weeks to architect and launch an Ethereum redemption system with minimal prior crypto knowledge, turning it into a major revenue stream. What I bring to your project: Forensic Debugging: I don't just "patch" bugs; I use tools like Datadog and Explain Analyzers to map out bottlenecks and resolve root causes—like significantly reducing memory usage by optimizing complex DB joins. Full-Stack Context: Deep experience in Node.js and React, ensuring backends play perfectly with mobile and web teams. Sanity in the Age of AI: I bridge the gap between "best practices" and modern speed, ensuring your project isn't just built fast, but built to last. Anthony Akpan Anthony Akpan Developer with 8 years of experience building softwares fro startups Meïr Ankri Meïr Ankri Full-stack developer specializing in React / Next.js / Node.js with 6+ years of experience. I've worked across various sectors including automotive (Reezocar/Société Générale), healthcare (Medical Link SaaS), and e-commerce (Glasman). I build web apps end-to-end, from architecture to production, with a focus on scalability, performance, and code quality. I also mentor junior developers and contribute to technical decisions and code reviews. Caio Rodrigues Caio Rodrigues I'm a full-stack developer focused on building practical and scalable web applications. My main experience is with **React, TypeScript, and modern frontend architectures**, where I prioritize clean code, component reusability, and maintainable project structures. I have strong experience working with **dynamic forms, state management (Redux / React Hook Form), and complex data-driven interfaces**. I enjoy solving real-world problems by turning ideas into reliable software that companies can actually use in their daily operations. Beyond coding, I care about **software quality and architecture**, following best practices for componentization, code organization, and performance optimization. I'm also comfortable working across the stack when needed, integrating APIs, handling business logic, and helping transform prototypes into production-ready systems. My goal is always to deliver solutions that are **simple, efficient, and genuinely useful for the people using them.** Kingsley Omage Kingsley Omage Fullstack software engineer passionate about AI Agents, blockchain, LLMs. Jen Jacobsen Jen Jacobsen I’m a Full-Stack Developer with over 10 years of experience building modern web and mobile applications. I enjoy working across the full product lifecycle — turning ideas into real, well-built products that are intuitive for users and scalable for businesses. I particularly enjoy building mobile apps, modern web platforms, and solving complex technical problems in a way that keeps systems clean, reliable, and easy to maintain. Costea Adrian Costea Adrian Embedded Engineer specilizing in perception systems. Latest project was a adas camera calibration system.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help

Frequently Asked Questions

Do I need HTTPS for callbacks?

Yes for production. Development with localhost HTTP is allowed. All production URLs must use HTTPS.

How do I use different URLs for dev and prod?

Register both URLs in the OAuth provider settings. Use environment variables to switch between them.

Related Lovable Issues

Supabase Auth Session Not Persisting Across Page Reloads

auth

Row Level Security (RLS) Policy Blocks All Database Access

auth

JWT Token Expires Silently Causing Unexpected Logout

auth

Auth State Lost During Navigation or Redirect

auth

Can't fix it yourself?
Real developers can help.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help