Problem statement
After enabling a social identity provider connection, the user login flow fails and the following error is displayed. Why does this occur?
OAuth2Strategy requires a clientID option
Symptoms
-
The login flow fails with the following error: “OAuth2Strategy requires a clientID option”
-
Tenant logs may contain a warning message, similar to this one:
“Warning: You are using Auth0 development keys which are only intended for use in development and testing. This connection (google-oauth2) should be configured with your own Development Keys to enable the consent page to show your logo instead of Auth0’s. AUTH0 DEVELOPMENT KEYS SHOULD NOT BE USED ON PRODUCTION ENVIRONMENTS. To learn more about Development Keys please refer to https://auth0.com/docs/connections/social/devkeys.”
Cause
This type of error is related to the use of Auth0 Developer Keys. These should only be used for testing purposes and should not be deployed in a Production environment. The use of these keys may cause an application to behave differently or some functionality to not work at all.
Solution
To resolve this issue:
- The connection should be configured with the Developer Keys that are relevant to the social identity provider (e.g., Google, X ( formerly “Twitter”) )
- Using these custom Developer Keys will enable the consent page to show a dedicated business logo in place of Auth0’s and configure Single Sign-on (SSO) for this connection
For further information, refer to Test Social Connections with Auth0 Developer Keys
Example: For the configuration of a Google OAuth2 social connection, it is recommended that Google Developer keys be employed (Client ID and Client Secret) for the connection. This will ensure that user login attempts do not experience this error. For further information, refer to Auth0 Marketplace - Google / Gmail