Provider-specific OAuth callback (POST)

curl --request POST \ --url https://api.example.com/api/auth/oauth/{provider}/callback \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data 'state=<string>' \ --data 'code=<string>' \ --data 'id_token=<string>'

Path Parameters

provider

enum<string>

required

Available options:

google,

github,

discord,

linkedin,

facebook,

instagram,

tiktok,

apple,

x,

spotify,

microsoft

Body

application/x-www-form-urlencoded

state

string

required

JWT state with redirect URI and optional code_challenge

code

string

Authorization code from OAuth provider

id_token

string

ID token (for Apple Sign In)

Response

302

Redirect to application.

PKCE flow: redirect_uri?insforge_code={code}&user_id={id}&email={email}&name={name}
Web flow: redirect_uri?access_token={token}&user_id={id}&email={email}&name={name}&csrf_token={csrf}