Version: v1

Debugging sign-in

Work top to bottom. Most issues are redirect URI mismatch, wrong client type, or cookie / storage limits in the browser.


1. Redirect and environment (2 minutes)

  • Callback URL in the browser character-for-character matches an allowed redirect URI (scheme, host, path, trailing slash).
  • You are testing the same environment (staging app vs production app) that matches the client ID in use.
  • HTTPS in production where you registered https:// — mixed http callbacks fail silently or with OAuth errors.
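One way to run the character-for-character check from the list above and see which component is off. This is an added example, not code from the product or its SDK; the function names and the example.com URLs are constructed, and it assumes registered redirect URIs carry no query string.

```javascript
// Constructed sample allow-list; replace with the redirect URIs registered for your client ID.
const ALLOWED = [
  "https://app.example.com/auth/callback",
  "https://staging.example.com/auth/callback",
];

// Drop query and fragment: code/state are appended by the provider at callback time.
function callbackBase(callbackUrl) {
  return callbackUrl.split(/[?#]/)[0];
}

// Name each component where the callback differs from one allowed URI.
function diffRedirect(allowed, callbackUrl) {
  const base = callbackBase(callbackUrl);
  const a = new URL(allowed);
  const c = new URL(base);
  const diffs = [];
  if (a.protocol !== c.protocol) diffs.push("scheme");
  if (a.hostname !== c.hostname) diffs.push("host");
  if (a.port !== c.port) diffs.push("port");
  if (a.pathname !== c.pathname) {
    const strip = (p) => p.replace(/\/+$/, "");
    diffs.push(strip(a.pathname) === strip(c.pathname) ? "trailing slash" : "path");
  }
  // Components agree after URL parsing, but the raw strings still differ.
  if (diffs.length === 0 && allowed !== base) diffs.push("normalization (case or default port)");
  return diffs;
}

// Exact string match first; otherwise report the closest allowed URI and why it failed.
function checkRedirect(allowedList, callbackUrl) {
  const base = callbackBase(callbackUrl);
  if (allowedList.includes(base)) return { match: true, closest: base, diffs: [] };
  const ranked = allowedList
    .map((uri) => ({ uri, diffs: diffRedirect(uri, callbackUrl) }))
    .sort((x, y) => x.diffs.length - y.diffs.length);
  return { match: false, closest: ranked[0]?.uri ?? null, diffs: ranked[0]?.diffs ?? [] };
}

// Constructed callback as copied from the address bar after a failed sign-in.
console.log(checkRedirect(ALLOWED, "https://app.example.com/auth/callback/?code=abc&state=xyz"));
```

Paste the URL from the address bar as the second argument; an empty `diffs` with `match: true` means the redirect URI is not the problem and you can move on to the next section.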

2. Client type and secrets

  • Browser-only app: you should use PKCE, not a client secret in JavaScript.
  • Server exchange: confidential client + secret on the server only — see Server-side (confidential) clients.
  • If you recently rotated secrets or changed public vs confidential, purge old env vars and redeploy.

3. Browser and cookies

  • Try incognito to rule out stale cookies or extensions.
  • Safari / ITP and third-party cookie policies: prefer first-party redirects and patterns described in Sessions, cookies, and tokens.
  • Popups blocked by the browser or ad blockers — fall back to full redirect flow for a test.

4. Still failing?

Collect this bundle before you reach out through Contact & support:

  1. Page URL (staging or production) and browser + version.
  2. App type (React SDK, plain JS, SPA, server exchange).
  3. Error message or OAuth error code (screenshot or exact text).
  4. Whether it ever worked and what changed (redirect list, domain, deployment).

Owners can start with Site owner checklist (sign-in). Integrators: Integrator overview.
