Michał @ yournextstore.com
BABetter Auth
•Created by Michał @ yournextstore.com on 4/23/2025 in #help
Wildcard domain
I have an unusual use case for auth: my authentication database is shared between multiple apps running on different subdomains. Accounts created in one app also exist in other apps.
This almost works. However, I’ve stumbled upon a weird problem: sometimes both Google and Email/Password authentication fail.
Google reports an incorrect redirect_uri, while Email/Password reports an invalid origin.
I’ve tried debugging and found that the redirect_uri was indeed incorrect – even though I was logging in from
domain.com
, the redirect_uri
was set to xxxx.domain.com
, which is not allowed. Moreover, I’ve never even opened xxxx.domain.com
before. I tried clearing all cookies and local storage, but that didn’t help.
What can I do?8 replies