next-auth: SignIn callback error when using NextAuth with oauth_get_access_token_error and oauth_callback_error

I am trying to add custom oauth provider to my next.js app. I am adding custom provider in […nextauth].js:

export default NextAuth({
  // Configure one or more authentication providers
  providers: [
  {
    id: "moneybutton",
    name: "Money Button",
    type: "oauth",
    version: "2.0",
    scope: "auth.user_identity:read users.profiles:read users.profiles.email:read users.balance:read",
    params: {
      grant_type: "authorization_code"
    },
    accessTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
    requestTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
    authorizationUrl: "https://www.moneybutton.com/oauth/v1/authorize?response_type=code",
    profileUrl: "https://www.moneybutton.com/api/v1/auth/user_identity",

    profile(profile) {
      return {
        id: profile.data.attributes.id,
        name: profile.data.attributes.name,
      };
    },
    clientId: 'my_oauth_identifier',
    clientSecret: 'my_client_secret'
  }
    // ...add more providers here
  ],

  debug: true
});

OAuth flow seems to work correct, as i am seeing my profile id coming back in responses but it finishes on http://localhost:3000/api/auth/signin?error=Callback

I set debug to true and i am getting following errors:

[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} undefined undefined
[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} moneybutton 9f3970b8ae39f9d46f9fae56f6fb6135ecb7e87b
[next-auth][error][oauth_callback_error]
https://next-auth.js.org/errors#oauth_callback_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'

It says that client is invalid, but i am sure oauth identifier and secret are correct, as well as redirect URL set to

http://localhost:3000/api/auth/callback/moneybutton

response for profile looks like this if it would be helpful:

{
    "data": {
        "id": "75101",
        "type": "user_identities",
        "attributes": {
            "id": "75101",
            "name": "John Doe"
        }
    },
    "jsonapi": {
        "version": "1.0"
    }
}

Links to documentations:

https://next-auth.js.org/configuration/providers https://docs.moneybutton.com/docs/api/v1/api-v1-user-identity I don’t know if it’s some bug or my approach is wrong and will apreciate any help

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Reactions: 1
  • Comments: 19 (8 by maintainers)

Most upvoted comments

@buccalon @michalscislowski we’ve just released a first beta of our next major version, NextAuth v4. Could you let us know if the issue still persists there? We’re using a more modern oauth library under the hood that supports stuff like the .well-known auto configuration stuff. Custom OAuth provider docs remain here: https://next-auth.js.org/configuration/providers/oauth-provider#using-a-custom-provider

+1
ndom91 on Sep 5, 2021
Read more comments on GitHub
← next-auth: Session not being persisted when I close the browser
next-auth: Signing in using magic link with Outlook email when SafeLinks enabled does not work →