Custom OAuth response paths
I'm trying to configure a custom OAuth provider and I'm running into issues retrieving user details. Users are able to log in and are succesfully redirected back to the callback url, however typebot does not log the user in. I'm using a selfhosted instance of Authentik as my OAuth provider the scopes are defined in the attached image.
2 Replies
From the typebot builder logs:
I've tried defining the OAUTH_USER_PARAM_PATH variables with https://permit.archaic.ops.whitetech.ca/application/o/userinfo/PARAM as well as with OAuthProfile.PARAM but neither method has worked. If someone would be able to point me in the right direction for defining environment variables that would be greatly appreciated.
[next-auth][error][OAUTH_PARSE_PROFILE_ERROR]
https://next-auth.js.org/errors#oauth_parse_profile_error Profile id is missing in WT SignMeIn OAuth profile response {
error: {
message: 'Profile id is missing in WT SignMeIn OAuth profile response',
stack: 'TypeError: Profile id is missing in WT SignMeIn OAuth profile response\n' +
' at getProfile (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/lib/oauth/callback.js:164:28)\n' +
' at async oAuthCallback (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/lib/oauth/callback.js:136:27)\n' +
' at async Object.callback (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/routes/callback.js:52:11)\n' +
' at async AuthHandler (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/index.js:208:28)\n' +
' at async NextAuthApiHandler (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/next/index.js:22:19)\n' +
' at async z (/app/apps/builder/.next/server/chunks/524.js:1:8214)\n' +
' at async K (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16545)\n' +
' at async U.render (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16981)\n' +
' at async NextNodeServer.runApi
[next-auth][error][OAUTH_PARSE_PROFILE_ERROR]
https://next-auth.js.org/errors#oauth_parse_profile_error Profile id is missing in WT SignMeIn OAuth profile response {
error: {
message: 'Profile id is missing in WT SignMeIn OAuth profile response',
stack: 'TypeError: Profile id is missing in WT SignMeIn OAuth profile response\n' +
' at getProfile (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/lib/oauth/callback.js:164:28)\n' +
' at async oAuthCallback (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/lib/oauth/callback.js:136:27)\n' +
' at async Object.callback (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/routes/callback.js:52:11)\n' +
' at async AuthHandler (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/core/index.js:208:28)\n' +
' at async NextAuthApiHandler (/app/node_modules/.pnpm/[email protected][email protected][email protected][email protected][email protected]/node_modules/next-auth/next/index.js:22:19)\n' +
' at async z (/app/apps/builder/.next/server/chunks/524.js:1:8214)\n' +
' at async K (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16545)\n' +
' at async U.render (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16981)\n' +
' at async NextNodeServer.runApi
(/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/server/next-server.js:556:9)\n' +
' at async NextNodeServer.handleCatchallRenderRequest (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/server/next-server.js:268:37)',
name: 'TypeError'
},
OAuthProfile: {
iss: 'https://<DOMAIN REDACTED>/application/o/typebot-builder/',
sub: '751ac0f4a7fa409605f911c29906a45aabc625520626b34346a4bfde669f6df5',
aud: 'Npv4zDDb8q2WpD5B92zChuyXF4Ah5gwApglAJUyN',
exp: 1718039027,
iat: 1718038727,
auth_time: 1718037575,
acr: 'goauthentik.io/providers/oauth2/default',
name: '<NAME REDACTED>',
given_name: '<NAME REDACTED>',
preferred_username: '<NAME REDACTED>',
nickname: '<NAME REDACTED>',
groups: []
},
message: 'Profile id is missing in WT SignMeIn OAuth profile response'
(/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/server/next-server.js:556:9)\n' +
' at async NextNodeServer.handleCatchallRenderRequest (/app/node_modules/.pnpm/[email protected]_@[email protected][email protected][email protected]/node_modules/next/dist/server/next-server.js:268:37)',
name: 'TypeError'
},
OAuthProfile: {
iss: 'https://<DOMAIN REDACTED>/application/o/typebot-builder/',
sub: '751ac0f4a7fa409605f911c29906a45aabc625520626b34346a4bfde669f6df5',
aud: 'Npv4zDDb8q2WpD5B92zChuyXF4Ah5gwApglAJUyN',
exp: 1718039027,
iat: 1718038727,
auth_time: 1718037575,
acr: 'goauthentik.io/providers/oauth2/default',
name: '<NAME REDACTED>',
given_name: '<NAME REDACTED>',
preferred_username: '<NAME REDACTED>',
nickname: '<NAME REDACTED>',
groups: []
},
message: 'Profile id is missing in WT SignMeIn OAuth profile response'
Update: Issue resolved. For anyone else working w/ Authentik as an OAuth provider I've found the following to work:
CUSTOM_OAUTH_USER_ID_PATH=sub
CUSTOM_OAUTH_USER_NAME_PATH=name
CUSTOM_OAUTH_USER_EMAIL_PATH=email
CUSTOM_OAUTH_SCOPE= openid profile email
CUSTOM_OAUTH_USER_ID_PATH=sub
CUSTOM_OAUTH_USER_NAME_PATH=name
CUSTOM_OAUTH_USER_EMAIL_PATH=email
CUSTOM_OAUTH_SCOPE= openid profile email
