#OAuth routing

1 messages · Page 1 of 1 (latest)

grave knollBOT
#

Hi @raw marsh. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

#

I looked through the provided Better Auth + Convex threads, and I didn’t find a report specifically about a generic “/api/callback” route breaking for Roblox. The issues I can cite that are closest all point to routing/URL mismatches between the Convex “site” domain (HTTP Actions) and the “cloud” domain, missing route registration, or incorrect callback URL configuration:

  • For OAuth with Convex Auth, the callback URL must use your Convex Site URL (ends with .convex.site), not the Cloud URL (.convex.cloud). In dev, that distinction also maps to ports (Site URL often on 3211, Cloud on 3210). If your OAuth provider expects a callback, it should look like: <https://<your-deployment>.convex.site/api/auth/callback/<provider>.> [General setup; Discord example]

  • If you’re exposing Better Auth routes via Convex httpRouter, make sure they’re actually registered and that your client points to the Site URL (convex.site). A 404 often means routes weren’t registered or you’re calling the Cloud URL instead of the Site URL. Set baseURL in exactly one place (client or server) and ensure it’s the Site URL. [Better-auth 404; POST /api/auth 404 hint]

  • In production, use a separate OAuth “app” per environment (dev/prod) with matching callback URLs and environment variables; also set SITE_URL (or CUSTOM_AUTH_SITE_URL if you’re on a custom domain) so generated sign-in and callback URLs align. [Production setup; Custom URLs]

#
  • Some providers (Discord, GitHub in the cited threads) are sensitive to the exact redirect_uri. Double-check you’re using the correct domain (convex.site) and exact path the provider expects. A few users fixed issues by switching from .cloud to .site or correcting the callback path. [Convex Auth + GitHub thread; Discord setup note]

I don’t have a Roblox-specific thread or a report about a plain “/api/callback” route in the provided sources. If your Better Auth component exposes a different callback path (e.g., /api/auth/callback/<provider>) ensure Roblox’s OAuth app configuration matches that exact URL on your Convex Site domain. If you’re still seeing 404s, verify:

  • Your httpRouter registers Better Auth routes and is deployed/running. [POST /api/auth 404 hint]
  • Your frontend (auth client/baseURL) is calling the convex.site domain, not convex.cloud. [Better-auth 404]
  • The OAuth app callback URL exactly matches what your Better Auth setup expects (domain + path). [General setup]

If you can share the exact callback URL you configured in Roblox and the route you registered in convex/http.ts (or how your Better Auth component registers routes), I can help pinpoint the mismatch.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: