All Docs
Getting StartedPosibl Life & Gym AppUpdated March 14, 2026

Fixing the OAuth Provider Credentials Gap — v1.0.41

Fixing the OAuth Provider Credentials Gap — v1.0.41

TL;DR: A missing section in .env.example meant that OAuth credentials for Google, GitHub, Microsoft Entra ID, and Okta were never documented. Fresh installs silently fell through to a "No authentication providers configured" dead-end. v1.0.41 fixes this.

What was the problem?

The authentication layer (src/platform/auth/providers.ts) reads up to four OAuth providers from environment variables at startup:

  • GoogleAUTH_GOOGLE_ID, AUTH_GOOGLE_SECRET
  • GitHubAUTH_GITHUB_ID, AUTH_GITHUB_SECRET
  • Microsoft Entra IDAUTH_MICROSOFT_ENTRA_ID_ID, AUTH_MICROSOFT_ENTRA_ID_SECRET, AUTH_MICROSOFT_ENTRA_ID_ISSUER
  • OktaAUTH_OKTA_ID, AUTH_OKTA_SECRET, AUTH_OKTA_ISSUER

When none of these variables are set, the sign-in UI component (src/platform/auth/sign-in-buttons.tsx) renders:

No authentication providers configured

Because .env.example contained no OAuth provider section, anyone following the standard setup flow (copy .env.example → fill in values → run the app) would arrive at a completely broken sign-in screen with no indication of what was missing.

What changed in v1.0.41?

An OAuth Providers section has been added to .env.example. It explicitly marks at least one provider as required and documents where to obtain credentials for each supported provider.

Setting up OAuth for a new installation

Step 1 — Choose at least one provider

You must configure at least one OAuth provider. Google is the recommended starting point because it covers the widest range of users and has a straightforward setup flow.

Step 2 — Create OAuth credentials

Google (recommended)

  1. Go to Google Cloud Console.
  2. Create or select a project.
  3. Navigate to APIs & Services → Credentials.
  4. Click Create Credentials → OAuth 2.0 Client ID.
  5. Set the authorised redirect URI to: 
    https://<your-domain>/api/auth/callback/google
  6. Copy the Client ID and Client Secret.

GitHub (optional)

  1. Go to GitHub → Settings → Developer settings → OAuth Apps.
  2. Register a new OAuth application.
  3. Set the callback URL to: 
    https://<your-domain>/api/auth/callback/github
  4. Copy the Client ID and generate a Client Secret.

Microsoft Entra ID (optional)

  1. Open the Azure portal and navigate to Entra ID → App registrations.
  2. Register a new application.
  3. Add a redirect URI: 
    https://<your-domain>/api/auth/callback/microsoft-entra-id
  4. Note the Application (client) ID, generate a client secret, and copy the issuer URL from the Endpoints panel (e.g. https://login.microsoftonline.com/<tenant-id>/v2.0).

Okta (optional)

  1. In your Okta Admin Console, go to Applications → Create App Integration.
  2. Choose OIDC – OpenID Connect and Web Application.
  3. Add the sign-in redirect URI: 
    https://<your-domain>/api/auth/callback/okta
  4. Copy the Client ID, Client Secret, and your Okta domain (used as the issuer URL, e.g. https://<your-okta-domain>/oauth2/default).

Step 3 — Populate .env

# ─────────────────────────────────────────────────────────────
# OAuth Providers — at least ONE must be configured
# ─────────────────────────────────────────────────────────────
AUTH_GOOGLE_ID=your-google-client-id
AUTH_GOOGLE_SECRET=your-google-client-secret

# AUTH_GITHUB_ID=           # optional
# AUTH_GITHUB_SECRET=       # optional

# AUTH_MICROSOFT_ENTRA_ID_ID=       # optional
# AUTH_MICROSOFT_ENTRA_ID_SECRET=   # optional
# AUTH_MICROSOFT_ENTRA_ID_ISSUER=   # optional

# AUTH_OKTA_ID=             # optional
# AUTH_OKTA_SECRET=         # optional
# AUTH_OKTA_ISSUER=         # optional

Step 4 — Restart and verify

After setting the variables, restart your development server. The sign-in page should now display buttons for each provider you have configured. If you still see "No authentication providers configured", double-check that the variable names are spelled correctly and that the environment file is being loaded by your runtime.

Environment variable reference

VariableProviderRequired
AUTH_GOOGLE_IDGoogleIf using Google
AUTH_GOOGLE_SECRETGoogleIf using Google
AUTH_GITHUB_IDGitHubIf using GitHub
AUTH_GITHUB_SECRETGitHubIf using GitHub
AUTH_MICROSOFT_ENTRA_ID_IDMicrosoft Entra IDIf using Entra ID
AUTH_MICROSOFT_ENTRA_ID_SECRETMicrosoft Entra IDIf using Entra ID
AUTH_MICROSOFT_ENTRA_ID_ISSUERMicrosoft Entra IDIf using Entra ID
AUTH_OKTA_IDOktaIf using Okta
AUTH_OKTA_SECRETOktaIf using Okta
AUTH_OKTA_ISSUEROktaIf using Okta

At least one complete provider set (ID + Secret, plus Issuer where applicable) must be present or the application will not render any sign-in options.

Related files

  • src/platform/auth/providers.ts — reads provider credentials and registers active providers
  • src/platform/auth/sign-in-buttons.tsx — renders per-provider sign-in buttons; shows the "no providers" fallback when the list is empty
  • .env.example — canonical reference for all required and optional environment variables