
Updated 9 months ago

Custom OAuth response paths

At a glance

The community member is trying to configure a custom OAuth provider, Authentik, and is having issues retrieving user details. While users are able to log in and are successfully redirected back to the callback URL, the application (Typebot) does not log the user in. The community member has encountered an error related to the missing profile ID in the OAuth profile response.

After trying various approaches, the community member has found a solution that works for them when using Authentik as the OAuth provider. The solution involves setting the following environment variables:

CUSTOM_OAUTH_USER_ID_PATH=sub
CUSTOM_OAUTH_USER_NAME_PATH=name
CUSTOM_OAUTH_USER_EMAIL_PATH=email
CUSTOM_OAUTH_SCOPE= openid profile email

The community member has shared this solution in the comments, noting that it may be helpful for others working with Authentik as an OAuth provider.

I'm trying to configure a custom OAuth provider and I'm running into issues retrieving user details. Users are able to log in and are successfully redirected back to the callback URL; however, Typebot does not log the user in. I'm using a self-hosted instance of Authentik as my OAuth provider; the scopes are defined in the attached image.
From the typebot builder logs:
[next-auth][error][OAUTH_PARSE_PROFILE_ERROR]
https://next-auth.js.org/errors#oauth_parse_profile_error Profile id is missing in WT SignMeIn OAuth profile response {
  error: {
    message: 'Profile id is missing in WT SignMeIn OAuth profile response',
    stack: 'TypeError: Profile id is missing in WT SignMeIn OAuth profile response\n' +
      '    at getProfile (/app/node_modules/.pnpm/next-auth@4.22.1_next@14.1.0_nodemailer@6.9.8_react-dom@18.2.0_react@18.2.0/node_modules/next-auth/core/lib/oauth/callback.js:164:28)\n' +
      '    at async oAuthCallback (/app/node_modules/.pnpm/next-auth@4.22.1_next@14.1.0_nodemailer@6.9.8_react-dom@18.2.0_react@18.2.0/node_modules/next-auth/core/lib/oauth/callback.js:136:27)\n' +
      '    at async Object.callback (/app/node_modules/.pnpm/next-auth@4.22.1_next@14.1.0_nodemailer@6.9.8_react-dom@18.2.0_react@18.2.0/node_modules/next-auth/core/routes/callback.js:52:11)\n' +
      '    at async AuthHandler (/app/node_modules/.pnpm/next-auth@4.22.1_next@14.1.0_nodemailer@6.9.8_react-dom@18.2.0_react@18.2.0/node_modules/next-auth/core/index.js:208:28)\n' +
      '    at async NextAuthApiHandler (/app/node_modules/.pnpm/next-auth@4.22.1_next@14.1.0_nodemailer@6.9.8_react-dom@18.2.0_react@18.2.0/node_modules/next-auth/next/index.js:22:19)\n' +
      '    at async z (/app/apps/builder/.next/server/chunks/524.js:1:8214)\n' +
      '    at async K (/app/node_modules/.pnpm/next@14.1.0_@babel+core@7.22.9_react-dom@18.2.0_react@18.2.0/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16545)\n' +
      '    at async U.render (/app/node_modules/.pnpm/next@14.1.0_@babel+core@7.22.9_react-dom@18.2.0_react@18.2.0/node_modules/next/dist/compiled/next-server/pages-api.runtime.prod.js:20:16981)\n' +
      '    at async NextNodeServer.runApi (/app/node_modules/.pnpm/next@14.1.0_@babel+core@7.22.9_react-dom@18.2.0_react@18.2.0/node_modules/next/dist/server/next-server.js:556:9)\n' +
      '    at async NextNodeServer.handleCatchallRenderRequest (/app/node_modules/.pnpm/next@14.1.0_@babel+core@7.22.9_react-dom@18.2.0_react@18.2.0/node_modules/next/dist/server/next-server.js:268:37)',
    name: 'TypeError'
  },
  OAuthProfile: {
    iss: 'https://<DOMAIN REDACTED>/application/o/typebot-builder/',
    sub: '751ac0f4a7fa409605f911c29906a45aabc625520626b34346a4bfde669f6df5',
    aud: 'Npv4zDDb8q2WpD5B92zChuyXF4Ah5gwApglAJUyN',
    exp: 1718039027,
    iat: 1718038727,
    auth_time: 1718037575,
    acr: 'goauthentik.io/providers/oauth2/default',
    name: '<NAME REDACTED>',
    given_name: '<NAME REDACTED>',
    preferred_username: '<NAME REDACTED>',
    nickname: '<NAME REDACTED>',
    groups: []
  },
  message: 'Profile id is missing in WT SignMeIn OAuth profile response'
I've tried defining the OAUTH_USER_PARAM_PATH variables with as well as with OAuthProfile.PARAM but neither method has worked. If someone would be able to point me in the right direction for defining environment variables that would be greatly appreciated.
Update: Issue resolved. For anyone else working w/ Authentik as an OAuth provider I've found the following to work:
CUSTOM_OAUTH_USER_ID_PATH=sub
CUSTOM_OAUTH_USER_NAME_PATH=name
CUSTOM_OAUTH_USER_EMAIL_PATH=email
CUSTOM_OAUTH_SCOPE= openid profile email
Attachment
image.png
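A pre-deployment check for the claim paths discussed in this thread, as an added example that is not part of the original post and is not Typebot or next-auth code. The helper names `getAtPath` and `mapProfile` are hypothetical and the claim values are constructed; the paths are resolved against the claims object itself, since `OAuthProfile` in the log is the logger's label for that object rather than a key inside it.

```javascript
// Added example, not Typebot or next-auth source. Helper names are hypothetical.
// Resolve a dot-separated path inside a claims object; undefined if any hop is missing.
function getAtPath(obj, path) {
  return path.split('.').reduce(
    (node, key) => (node != null && typeof node === 'object' ? node[key] : undefined),
    obj
  );
}

// Map provider claims to id/name/email using the CUSTOM_OAUTH_USER_*_PATH values
// and report every field whose path does not resolve to a non-empty value.
function mapProfile(claims, env) {
  const paths = {
    id: env.CUSTOM_OAUTH_USER_ID_PATH,
    name: env.CUSTOM_OAUTH_USER_NAME_PATH,
    email: env.CUSTOM_OAUTH_USER_EMAIL_PATH,
  };
  const user = {};
  const missing = [];
  for (const [field, path] of Object.entries(paths)) {
    const value = path ? getAtPath(claims, path) : undefined;
    if (value != null && String(value).trim() !== '') user[field] = String(value);
    else missing.push(field);
  }
  return { user, missing };
}

// Constructed claims shaped like the OAuthProfile in the log: no email claim present.
const loggedClaims = { sub: 'constructed-subject-id', name: 'Example User', groups: [] };
// Constructed claims once the provider also returns the email claim.
const fixedClaims = { ...loggedClaims, email: 'user@example.test' };

// Paths from the resolved configuration in the post.
const workingEnv = {
  CUSTOM_OAUTH_USER_ID_PATH: 'sub',
  CUSTOM_OAUTH_USER_NAME_PATH: 'name',
  CUSTOM_OAUTH_USER_EMAIL_PATH: 'email',
};
// Paths prefixed with the log's wrapper label: nothing resolves.
const prefixedEnv = {
  CUSTOM_OAUTH_USER_ID_PATH: 'OAuthProfile.sub',
  CUSTOM_OAUTH_USER_NAME_PATH: 'OAuthProfile.name',
  CUSTOM_OAUTH_USER_EMAIL_PATH: 'OAuthProfile.email',
};

console.log(mapProfile(loggedClaims, workingEnv).missing); // email is absent from these claims
console.log(mapProfile(fixedClaims, workingEnv).missing);  // every path resolves
console.log(mapProfile(fixedClaims, prefixedEnv).missing); // no path resolves
```

Running a check like this against the claims printed in an `OAUTH_PARSE_PROFILE_ERROR` log shows which path or scope is wrong before changing the deployment.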