Michał @ yournextstore.com
Michał @ yournextstore.com
BABetter Auth
Created by Michał @ yournextstore.com on 4/23/2025 in #help
Wildcard domain
I have an unusual use case for auth: my authentication database is shared between multiple apps running on different subdomains. Accounts created in one app also exist in other apps. This almost works. However, I’ve stumbled upon a weird problem: sometimes both Google and Email/Password authentication fail. Google reports an incorrect redirect_uri, while Email/Password reports an invalid origin. I’ve tried debugging and found that the redirect_uri was indeed incorrect – even though I was logging in from domain.com, the redirect_uri was set to xxxx.domain.com, which is not allowed. Moreover, I’ve never even opened xxxx.domain.com before. I tried clearing all cookies and local storage, but that didn’t help. What can I do?
8 replies