Redirect URLs

Understanding and configuring OAuth redirect URLs in Supascale.

Redirect URLs (also called callback URLs) are a critical part of OAuth authentication. This guide explains how they work and how to configure them correctly.

How OAuth Redirects Work

  1. User clicks "Sign in with Google" (or other provider)
  2. User is redirected to the provider's login page
  3. After authentication, provider redirects back to your callback URL
  4. Supabase processes the callback and creates/signs in the user
  5. User is redirected to your application

Callback URL Format

Supascale uses Supabase's standard callback endpoint:

http://your-domain:API_PORT/auth/v1/callback

For example, if your API runs on port 54321:

http://localhost:54321/auth/v1/callback

Or with a custom domain:

https://api.yourapp.com/auth/v1/callback

Finding Your Callback URL

  1. Go to your project in Supascale
  2. Navigate to Settings > Auth Providers
  3. Click on any provider
  4. The callback URL is displayed in the configuration dialog
  5. Use the copy button to copy it exactly

Configuring in Provider Consoles

Each OAuth provider has a different interface. The steps for Google, GitHub and Discord are:

Google

  1. Go to Google Cloud Console
  2. Select your project
  3. Navigate to APIs & Services > Credentials
  4. Click on your OAuth 2.0 Client ID
  5. Under Authorized redirect URIs, add your callback URL

GitHub

  1. Go to GitHub Developer Settings
  2. Select your OAuth App
  3. In Authorization callback URL, enter your callback URL

Discord

  1. Go to Discord Developer Portal
  2. Select your application
  3. Navigate to OAuth2 > General
  4. Add your callback URL under Redirects

Site URL and Additional Redirects

Beyond the OAuth callback, you also need to configure:

Site URL

The Site URL is the main URL of your application. This is where users are redirected after authentication.

  1. Go to Settings > Authentication
  2. Set the Site URL field

Additional Redirect URLs

If your app runs on multiple domains or you need to support multiple redirect destinations:

  1. Go to Settings > Authentication
  2. Add URLs to Additional Redirect URLs (comma-separated)

Example:

http://localhost:3000,https://staging.yourapp.com,https://yourapp.com

Common Issues

Redirect URI Mismatch

Error: "redirect_uri_mismatch" or "Invalid redirect URI"

Solution:

  • Ensure the URL in the provider console exactly matches the callback URL shown in Supascale
  • Check for trailing slashes
  • Verify the port number is correct
  • Ensure protocol (http/https) matches

HTTPS Requirements

Some providers (like Google, Facebook) require HTTPS redirect URLs in production:

  • Use a reverse proxy (nginx, Caddy) with SSL
  • Configure Let's Encrypt certificates in Supascale
  • See SSL Certificates for setup

Localhost Issues

For local development:

  • Use http://localhost:PORT (not 127.0.0.1)
  • Some providers have special handling for localhost
  • Google allows localhost without HTTPS

Best Practices

  1. Always use HTTPS in production - Required by most providers and essential for security
  2. Use exact URLs - No wildcards in redirect URLs
  3. Update when domains change - Update both Supascale and provider console
  4. Test after configuration - Always test the full authentication flow
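
The mismatch checks under Common Issues and the HTTPS and no-wildcard practices above can be scripted. The following is an added example, not part of Supascale or Supabase: the function name diagnoseRedirect, its issue labels and its production option are assumptions made for illustration, and the URLs are constructed samples.

```javascript
// Added example: reports which part of a registered redirect URL differs
// from the callback URL copied from Supascale. Issue labels are made up here.
function diagnoseRedirect(expected, registered, { production = false } = {}) {
  const issues = [];
  // Best practice 2: exact URLs only, no wildcards.
  if (registered.includes("*")) issues.push("wildcard");
  let e, r;
  try {
    e = new URL(expected);
    r = new URL(registered);
  } catch {
    return issues.concat("unparseable");
  }
  // Best practice 1: HTTPS in production.
  if (production && r.protocol !== "https:") issues.push("not-https");
  if (e.protocol !== r.protocol) issues.push("scheme");
  // Hostnames are compared as names: localhost and 127.0.0.1 differ.
  if (e.hostname !== r.hostname) issues.push("host");
  if (e.port !== r.port) issues.push("port");
  if (e.pathname !== r.pathname) {
    const strip = (p) => p.replace(/\/+$/, "");
    const onlySlash = strip(e.pathname) === strip(r.pathname);
    issues.push(onlySlash ? "trailing-slash" : "path");
  }
  // The parser normalises case and default ports; an exact-match check does
  // not, so flag any remaining difference between the two strings.
  if (issues.length === 0 && expected !== registered) issues.push("not-identical");
  return issues;
}

// Constructed sample values, based on the URL formats shown on this page.
const expected = "http://localhost:54321/auth/v1/callback";
const candidates = [
  "http://localhost:54321/auth/v1/callback",
  "http://localhost:54321/auth/v1/callback/",
  "https://127.0.0.1:5432/auth/v1/callback",
  "HTTP://localhost:54321/auth/v1/callback",
];
for (const c of candidates) {
  const issues = diagnoseRedirect(expected, c);
  console.log(c, "->", issues.length ? issues.join(", ") : "exact match");
}
```

Run it with Node.js, passing the URL copied from Supascale as the first argument and the value entered in the provider console as the second.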