[SOLVED] Galaxy: Error in OAuth Server: redirectUrl (https://my-domain.com) is not on the same host as the app (https://my-app.meteorapp.com/)

It isn’t clear how to get OAuth plugins (f.e. accounts-google) working well in Galaxy.

In my Push-to-Deploy settings I’ve set ROOT_URL to https://my-domain.com, but then in the app’s logs I see:

{
  "line": "414",
  "file": "oauth_server.js",
  "message": "Error in OAuth Server: redirectUrl (https://my-app.com/onboarding) is not on the same host as the app (https://my-app.meteorapp.com/)",
  "time": {
    "$date": 1757436948760
  },
  "level": "warn"
}

and when I try to log in with Google I see the wrong redirect URL:

https://accounts.google.com/....?...&redirect_uri=https%3A%2F%2Fmy-app.meteorapp.com%2F_oauth%2Fgoogle&...

It should be my-domain.com instead of my-app.meteorapp.com.

How do we fix this?

It should be working with your ROOT_URL set. We are trying to understand whether this behavior is a bug and, if so, which side is responsible for it: Galaxy or Meteor. Our OSS team is looking into it right now.

I see you also opened a support ticket on Galaxy. I’ll keep you updated there!

1 Like

we use ROOT_URL to define the callback URL, as you can see at google_server.js and oauth_common.js, but not from the setting.json since “config” isnt used inside _redirectUri(...) (i’m doing a fews tests before open an issue to fix it)

Are you setting ROOT_URL from setting.json or from envs? it should be from envs since we populate ROOT_URL first from envs

I’d try adding the ROOT_URL env in Galaxy using the proper method, which is through settings.json, in the reserved section for environment variables in your host configuration.

{
    "galaxy.meteor.com": {
        "env": {
            "ROOT_URL": "xxx",
        }
    }
}

As mentioned in the guide:

Let us know if that works.

1 Like

I set the env var in push-to-deploy settings:

Is it not working in that location?

I’m trying to have a unique ROOT_URL per deployment, from one code base, i.e. multiple *.meteorapp.com domains deployed from different branches (staging vs prod, etc).

settings.json only allows a single value for a given var, it seems.

I’ll try using --settings [file] in the “Deploy arguments” field instead.

EDIT: Using --settings worked.

That wasn’t so obvious, and one may easily assume that the environment variables in that push-to-deploy setup will work. The Meteor docs don’t mention these env vars. It would be more intuitive to write env vars in settings.json without the galaxy.meteor.com wrapper.

Thank you for your feedback, @trusktr! It is extremely valuable in helping us to continuously improve our documentation and guides for Galaxy. I will work to make this clearer in our documentation.

2 Likes