OAuth2 provider callback endpoint (form_post)

POST /signin/provider/{provider}/callback

Handles OAuth2 provider callbacks using form_post response mode. Used by providers like Apple that send data via POST instead of query parameters.

provider
required
string
Allowed values: apple github google linkedin discord spotify twitch gitlab bitbucket workos azuread entraid strava facebook windowslive twitter

The name of the social provider

OAuth2 provider callback data including authorization code, ID token, and state

object
code

Authorization code provided by the authentication provider

string
nullable
id_token

ID token provided by the authentication provider

string
nullable
state
required

State parameter to avoid CSRF attacks

string
user

JSON string containing user information (only provided on first authentication with Apple)

string
nullable
error

Error message if authentication failed

string
nullable
error_description

Detailed error description if authentication failed

string
nullable
error_uri

URI with more information about the error

string
nullable
key
additional properties
any

Redirect to client application after successful authentication

Location
required
string format: uri

URL to redirect to

An error occurred while processing the request

Standardized error response

object
status
required

HTTP status error code

integer
Example
400
message
required

Human-friendly error message

string
Example
Invalid email format
error
required

Error code identifying the specific application error

string
Allowed values: default-role-must-be-in-allowed-roles disabled-endpoint disabled-user email-already-in-use email-already-verified forbidden-anonymous internal-server-error invalid-email-password invalid-request locale-not-allowed password-too-short password-in-hibp-database redirectTo-not-allowed role-not-allowed signup-disabled unverified-user user-not-anonymous invalid-pat invalid-refresh-token invalid-ticket disabled-mfa-totp no-totp-secret invalid-totp mfa-type-not-found totp-already-active invalid-state oauth-token-echange-failed oauth-profile-fetch-failed oauth-provider-error invalid-otp cannot-send-sms provider-account-already-linked
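
The checks a handler for this endpoint would apply to the posted body, as an added example that is not the service's own code. The `pending_states` store, binding a state to its provider, the 302 and 400 status codes, and the choice of which error code each failed check returns are assumptions; the field names, provider names and error codes are taken from the schema above.

```python
from urllib.parse import parse_qs

# Provider names copied from the path parameter's allowed values.
PROVIDERS = frozenset(
    "apple github google linkedin discord spotify twitch gitlab bitbucket "
    "workos azuread entraid strava facebook windowslive twitter".split())


def _error(code, message, status=400):  # 400 is an assumed status
    return status, {"status": status, "message": message, "error": code}


def handle_callback(provider, raw_body, pending_states):
    """Validate a form_post callback body; return (http_status, payload).

    pending_states is an assumed server-side store mapping each state value
    issued when sign-in started to (provider, client redirect URL).
    """
    if provider not in PROVIDERS:
        return _error("invalid-request", "Unknown provider")
    # form_post delivers the fields as application/x-www-form-urlencoded.
    form = {k: v[0] for k, v in parse_qs(raw_body).items()}

    # State comes first: a cross-site POST cannot know a value we issued.
    # pop() makes it single use, so a replayed callback is rejected too.
    issued = pending_states.pop(form.get("state", ""), None)
    if issued is None or issued[0] != provider:
        return _error("invalid-state", "Unknown or already used state")

    if "error" in form:  # the provider reported a failure
        return _error("oauth-provider-error",
                      form.get("error_description", form["error"]))
    if not form.get("code") and not form.get("id_token"):
        return _error("invalid-request", "Missing code and id_token")
    # Code exchange and id_token signature/audience checks would go here.
    return 302, {"Location": issued[1]}


if __name__ == "__main__":
    # Constructed sample data.
    states = {"s1": ("apple", "https://app.example/done")}
    print(handle_callback("apple", "state=s1&code=abc", states))
    print(handle_callback("apple", "state=s1&code=abc", states))  # replay
```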