BetterStarter logoBetterStarter
Guides

Authentication Providers

Setup OAuth providers like Google for user authentication.

1. Create Google OAuth Credentials

Create a Google Cloud Project

  1. Go to the Google Cloud Console
  2. Create a new project or select an existing one
  1. Navigate to APIs & Services → OAuth consent screen
  2. Choose External (for public apps) or Internal (for workspace-only apps)
  3. Fill in app name, support email, and developer contact email
  4. Skip scopes (defaults are sufficient) and save

Create OAuth 2.0 Credentials

  1. Go to APIs & Services → Credentials
  2. Click + CREATE CREDENTIALS → OAuth client ID
  3. Choose Web application
  4. Add Authorized JavaScript origins:
    • Development: http://localhost:3000
    • Production: https://yourdomain.com
  5. Add Authorized redirect URIs:
    • Development: http://localhost:3000/api/auth/callback/google
    • Production: https://yourdomain.com/api/auth/callback/google
  6. Click Create and copy the Client ID and Client Secret

2. Configure Environment Variables

Add the following to your .env.local:

VITE_GOOGLE_CLIENT_ID=your-client-id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=your-client-secret

3. Test It

  1. Start the dev server: pnpm dev
  2. Navigate to http://localhost:3000/auth/sign-in
  3. You should see a "Sign in with Google" button
  4. Click it and complete the OAuth flow

Production Checklist

  • Add your production domain to authorized origins and redirect URIs in Google Cloud Console
  • Set VITE_GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET in your hosting platform's environment variables
  • Publish your OAuth consent screen to remove the "unverified app" warning and the 100-user limit
  • Optionally, verify your domain in Google Search Console for improved trust

Troubleshooting

  • "Redirect URI mismatch": Make sure the redirect URI in Google Cloud Console exactly matches /api/auth/callback/google (no trailing slash).
  • "This app isn't verified": This is normal during development. Click Advanced → Go to app (unsafe) to proceed, or publish your consent screen for production.
  • No Google button on sign-in page: Check that both VITE_GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET are set. A console warning will appear if they're missing.

Go Live

Ship your app to production. BetterStarter works with any hosting platform that supports Node.js.

Auth

Setup email-based authentication with Magic Links and OTP.

On this page

1. Create Google OAuth Credentials
Create a Google Cloud Project
Set Up the OAuth Consent Screen
Create OAuth 2.0 Credentials
2. Configure Environment Variables
3. Test It
Production Checklist
Troubleshooting