The error handling redirect: exchanging access code with OAuth2 provider error could be due to improper configuration or incorrect user credentials when configuring one of the following authentication providers:

Configuring authentication providers

Confirm your authentication providers are set up and configured properly:

1. In left-hand navigation menu of the Realm UI, select Data Access & Security > Users. Click Providers, then scroll down and to check if your preferred auth provider’s status is set to Enabled.

2. In order for authentication to complete, ensure user credentials for the auth provider are reflected in your Realm application configuration:


Google: ensure the Client ID and Secret in the Google API console match those in your Realm Application.
Facebook: ensure you are using the correct Facebook App ID and secret. You can consult Facebook’s guide on creating a Facebook application.
Apple ID:


- Have the necessary prerequisites.


- Ensure the Service ID in the Apple Developer portal match the Client ID in your Realm Application.


- Ensure the Client Secret matches the Client Secret Value generated in JWT string. The Client Secret may be found in a newly-generated JWT string or you may use a pre-existing secret that contains the JWT.

3. When running a web-based application, ensure the redirect URI is set up correctly for your Realm application. The redirect URI must appear in the list of redirect URIs specified in the provider configuration, otherwise the login process will not complete successfully.


- For an Apple ID auth provider, provide a URL for a domain that you control and then use a universal link to redirect the user back to your application.

4. Save, commit and deploy your configuration changes as appropriate.


- When deploying changes from the Realm UI, remember to click Review & Deploy in the blue banner at the top of the Realm UI.


- When using Realm CLI to deploy changes, or if you’ve enabled automatic GitHub deployment, ensure the imported application directory contains a properly named configuration file stored in the /auth_providers directory. See the example configuration file names for the auth providers below:


- Google: oauth2-google.json
- Facebook: oauth2-facebook.json
- Apple ID: oauth2-apple.json

Did this answer your question?