Getting Started with Stytch OAuth

Before integrating OAuth with Stytch into your application, there are a few basic configuration steps in the Stytch Dashboard:

1Create a Google or Microsoft OAuth client

In the Stytch Dashboard, navigate to the OAuth settings under CONFIGURATION. Select Google or Microsoft as the OAuth identity provider of your choice. Click Set up your own and follow the instructions to set up an OAuth client.

Stytch OAuth providers
Stytch Google OAuth setup

Be sure to add the Stytch redirect URI to your provider OAuth setup as an authorized redirect URI. The Stytch redirect URI is where end users are redirected after they have authenticated with the provider.

2Add or Update RedirectURLs in the Stytch Dashboard

By default, all new projects have redirect URLs set to http://localhost:3000/authenticate for the Test environment in the Dashboard.

If you want to use a different port, update the dashboard to specify new default Redirect URLs for:

  • Sign-up and Login Redirect URL (for organization-specific login)

  • Discovery Redirect URL (for discovery authentication)

3(Optional) Create an Organization

You can get started with the Discovery sign-up or login flow without this step, so feel free to skip to Step 4!

If you want to start with an example of logging into an existing Organization, you can do so by creating an Organization through the Stytch dashboard or CreateOrganization API.

If you will be testing using a corporate email, you can allow Just In Time (JIT) Provisioning to the Organization via email domain by including your domain in the email_allowed_domains array and setting email_jit_provisioning to RESTRICTED.

{
	"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
    ...
    "email_allowed_domains": ["stytch.com"],
    "email_jit_provisioning": "RESTRICTED"
}
Dashboard page for configuring JIT Provisioning by email domain

JIT Provisioning by email domain is restricted for common, free email providers (e.g. google.com) so if you don’t have a corporate email, you can alternatively create a Member in your new Organization with the email you will use to login.

You can create a Member in the dashboard by navigating to the Organization and clicking “Create new member” or by calling the CreateMember API.

4Start integrating

Follow one of the below guides to get an end-to-end OAuth flow up and running.

If you’re not sure what integration approach you want to take long-term, that’s fine!

If you want to get up and running with as little code as possible, check out the pre-built UI quickstart. If you want to get a sense for how much fine-grained control you can have with Stytch, choose between the backend and headless frontend quickstarts depending on where in the stack you feel most comfortable.