VibeLogin
Back to site

OAuth — Google & GitHub Login

Overview

VibeLogin supports OAuth login with Google and GitHub out of the box. Your users can sign in with their existing accounts.

How it works

  1. User clicks "Sign in with Google/GitHub" on your hosted login page
  2. VibeLogin redirects to the provider's authorization page
  3. User authorizes your app
  4. Provider redirects back to VibeLogin's callback
  5. VibeLogin creates or links the user account and redirects to your app

OAuth flows are handled entirely by VibeLogin. You don't need any OAuth code in your app. You just configure the provider credentials in your console.

Setting up Google

1. Create OAuth credentials

  • Go to Google Cloud Console → APIs & Services → Credentials
  • Create an OAuth 2.0 Client ID (Web application)
  • Add the authorized redirect URI:
https://api.vibelogin.com/oauth/{your-project-slug}/google/callback

Find your project slug in the VibeLogin console under your project settings. It's the oauth_slug value.

2. Configure in VibeLogin

  • Go to app.vibelogin.com → Your Project → Settings → Auth Providers
  • Click "Add Provider" → Select "Google"
  • Paste your Client ID and Client Secret from Google Cloud Console
  • Scopes default to openid email profile (recommended)
  • Click Save

Setting up GitHub

1. Create OAuth App

  • Go to GitHub → Settings → Developer Settings → OAuth Apps → New OAuth App
  • Set the Authorization callback URL to:
https://api.vibelogin.com/oauth/{your-project-slug}/github/callback

2. Configure in VibeLogin

  • Go to app.vibelogin.com → Your Project → Settings → Auth Providers
  • Click "Add Provider" → Select "GitHub"
  • Paste your Client ID and Client Secret
  • Scopes default to user:email read:user
  • Click Save

Custom OIDC Providers

You can add any OIDC-compliant provider (Okta, Auth0, Keycloak, Microsoft, etc.):

  1. In Settings → Auth Providers → Add Provider → Select "Custom OIDC"
  2. Enter:
    • Provider name (e.g., "okta")
    • Client ID and Client Secret
    • Issuer URL (e.g., https://your-org.okta.com)
    • Scopes (default: openid email profile)

VibeLogin auto-discovers all endpoints via the issuer's .well-known/openid-configuration.

Callback URI reference

The callback URI for any provider follows this pattern:

https://api.vibelogin.com/oauth/{project-slug}/{provider-name}/callback

This is shown in your project's Settings → Auth Providers page.

Troubleshooting

Common issues

  • redirect_uri_mismatch — The callback URI in your provider console doesn't match exactly. Check for trailing slashes.
  • access_denied — The user denied the authorization request.
  • Provider not showing on login page — Make sure the provider is enabled in Settings → Auth Providers.