Lovable auth

OAuth Callback URL Mismatch with GitHub/Google Provider

OAuth authentication fails with error 'redirect_uri_mismatch' or callback page shows blank/error. Users cannot sign in via GitHub or Google because the configured redirect URL doesn't match.

OAuth providers validate that the redirect URL matches exactly what was registered. Any difference in protocol, domain, path, or query parameters will cause the mismatch error.

Error Messages You Might See

error=redirect_uri_mismatch invalid_request The redirect_uri provided is not registered
error=redirect_uri_mismatchinvalid_requestThe redirect_uri provided is not registered

Common Causes

  1. Localhost used in development but https://mysite.com in production config
  2. Port number mismatch (localhost:3000 vs localhost:5173)
  3. Protocol mismatch (http vs https)
  4. Trailing slash differences in callback URL
  5. Using wrong site domain after deployment

How to Fix It

In Supabase dashboard > Authentication > Providers > GitHub/Google, set redirect URLs:

Development: http://localhost:5173/auth/callback

Production: https://yourdomain.com/auth/callback

Create both entries if supporting both environments. Ensure Vite dev server runs on the exact port configured.

Real developers can help you.

Yovel Cohen Yovel Cohen I got a lot of experience in building Long-horizon AI Agents in production, Backend apps that scale to millions of users and frontend knowledge as well. Jacek Rozanski Jacek Rozanski Senior PHP/Symfony developer and DevOps engineer with 20+ years of professional experience, running opcode.pl (web development agency, est. 2004). Day job: I'm the sole backend developer at merketing company where I own and maintain 11 PHP/Symfony microservices on AWS (ECS Fargate, RDS, S3, CloudFront), handle the full CI/CD pipeline (Bitbucket Pipelines, Docker), and manage monitoring with Sentry and CloudWatch. These services handle high request volumes in production every month. What I bring to AI-built apps: - I audit and fix security issues (OWASP methodology), performance bottlenecks, and architectural problems in codebases generated by Cursor, Claude Code, Lovable, Bolt, and v0 - I refactor AI-generated prototypes into production-grade applications with proper error handling, testing, and clean architecture (SOLID, DDD, hexagonal architecture) - I set up the infrastructure AI tools don't touch: AWS hosting, CI/CD pipelines, automated deployments, database optimization, monitoring, and alerting - I integrate external services: payment providers, email systems, partner APIs, SSO/auth Tech stack: PHP 8.x, Symfony, React, Next.js, PostgreSQL, MySQL, Docker, AWS (ECS, RDS, S3, SQS/SNS, CloudFront), Terraform, Supabase. I also use AI tools daily (Claude Code, Cursor) in my own workflow, so I understand both the strengths and the gaps in AI-generated code. Based in Poland (CET timezone). Available for async work and calls during EU/US business hours. Anthony Akpan Anthony Akpan Developer with 8 years of experience building softwares fro startups Matt Butler Matt Butler Software Engineer @ AWS zipking zipking I am a technologist and product builder dedicated to creating high-impact solutions at the intersection of AI and specialized markets. Currently, I am focused on PropScan (EstateGuard), an AI-driven SaaS platform tailored for the Japanese real estate industry, and exploring the potential of Archify. As an INFJ-T, I approach development with a "systems-thinking" mindset—balancing technical precision with a deep understanding of user needs. I particularly enjoy the challenge of architecting Vertical AI SaaS and optimizing Small Language Models (SLMs) to solve specific, real-world business problems. Whether I'm in a CTO-level leadership role or hands-on with the code, I thrive on building tools that turn complex data into actionable value. Meïr Ankri Meïr Ankri Full-stack developer specializing in React / Next.js / Node.js with 6+ years of experience. I've worked across various sectors including automotive (Reezocar/Société Générale), healthcare (Medical Link SaaS), and e-commerce (Glasman). I build web apps end-to-end, from architecture to production, with a focus on scalability, performance, and code quality. I also mentor junior developers and contribute to technical decisions and code reviews. legrab legrab I'll fill this later AUXLE AUXLE I am a Full Stack Developer experienced in building Websites, Web apps and Cross Platform Mobile Apps for Startups and Companies. Tejas Chokhawala Tejas Chokhawala Full-stack engineer with 5 years experience building production web apps using React, Next.js and TypeScript. Focused on performance, clean architecture and shipping fast. Experienced with Supabase/Postgres backends, Stripe billing, and building AI-assisted developer tools. Taufan Taufan I’m a product-focused engineer and tech leader who builds scalable systems and turns ideas into production-ready platforms. Over the past years, I’ve worked across startups and fast-moving teams, leading backend architecture, improving system reliability, and shipping products used by thousands of users. My strength is not just writing code — but connecting product vision, technical execution, and business impact.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help

Frequently Asked Questions

Do I need HTTPS for callbacks?

Yes for production. Development with localhost HTTP is allowed. All production URLs must use HTTPS.

How do I use different URLs for dev and prod?

Register both URLs in the OAuth provider settings. Use environment variables to switch between them.

Related Lovable Issues

Supabase Auth Session Not Persisting Across Page Reloads

auth

Row Level Security (RLS) Policy Blocks All Database Access

auth

JWT Token Expires Silently Causing Unexpected Logout

auth

Auth State Lost During Navigation or Redirect

auth

Can't fix it yourself?
Real developers can help.

You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.

Get Help