Codapult
PreisePluginsBlogDokuDemo

Das SaaS-Boilerplate für Macher

© 2026 Codapult. Alle Rechte vorbehalten.

Built with Codapult

Projekt

  • Preise
  • Plugins
  • Dokumentation
  • SaaS-Template-Vergleich

Über uns

  • Kontakt

Rechtliches

  • Datenschutzrichtlinie
  • Nutzungsbedingungen
Alle Artikel

Getting Started

  • Introduction
  • Quick Start
  • Project Structure
  • License and Permitted Use

Configuration

  • Environment Variables
  • App Configuration

Authentication

  • Authentication
  • OAuth Providers
  • Two-Factor & Passwordless
  • Enterprise SSO (SAML)

Database

  • Database
  • Migrations

Teams

  • Teams & Organizations
  • Permissions & RBAC
  • SCIM Provisioning

Payments

  • Payments & Billing
  • Stripe Setup
  • LemonSqueezy Setup
  • Polar Setup
  • Payment Webhooks

Api

  • API Layer
  • tRPC
  • GraphQL

Ai

  • AI Features
  • Streaming Chat
  • RAG and Semantic Search
  • Quotas and Memory

Email

  • Email
  • Email Templates

Infrastructure

  • Infrastructure
  • Self-Hosting
  • File Storage
  • Docker
  • Background Jobs
  • Terraform & Pulumi
  • Kubernetes

Ui

  • UI & Theming

I18n

  • Internationalization

Content Management

  • Content Management

Admin

  • Admin Panel

Security

  • Security

Monitoring

  • Analytics & Monitoring

Modules

  • Module Architecture
  • Waitlist
  • Audit Log
  • White-Labeling
  • Workflow Automation
  • A/B Testing
  • Welcome Page
  • Referrals
  • GDPR Export and Deletion
  • Outgoing Webhooks

Plugins

  • Plugin System
  • AI Kit Plugin
  • CRM Plugin
  • Helpdesk Plugin
  • Email Marketing Plugin

Deployment

  • Deployment
  • Troubleshooting

Upgrading

  • Upgrading Codapult

Developer Tools

  • AI Agents & IDEs
  • MCP Server
  • Testing
Authentication

OAuth Providers

Configure Google, GitHub, Apple, Discord, Twitter, and Microsoft OAuth for your SaaS.

Codapult supports six OAuth providers via Better-Auth. Enable any provider by adding its credentials to .env.local — providers are detected automatically and appear on the sign-in page.

Quick Setup

  1. Set the corresponding env vars in .env.local (see table below)
  2. Set the callback URL in the provider's developer console: https://your-app.com/api/auth/callback/<provider>

Provider Reference

ProviderClient ID Env VarClient Secret Env VarConsole URL
GoogleGOOGLE_CLIENT_IDGOOGLE_CLIENT_SECRETGoogle Cloud Console
GitHubGITHUB_CLIENT_IDGITHUB_CLIENT_SECRETGitHub Developer Settings
AppleAPPLE_CLIENT_IDAPPLE_CLIENT_SECRETApple Developer
DiscordDISCORD_CLIENT_IDDISCORD_CLIENT_SECRETDiscord Developer Portal
TwitterTWITTER_CLIENT_IDTWITTER_CLIENT_SECRETTwitter Developer Portal
MicrosoftMICROSOFT_CLIENT_IDMICROSOFT_CLIENT_SECRETAzure App Registrations

Callback URLs

Every provider needs a callback URL registered in its console. The format is always:

https://your-app.com/api/auth/callback/<provider>

For local development, use http://localhost:3000/api/auth/callback/<provider>.

Google Setup

  1. Go to the Google Cloud Console → Credentials
  2. Create an OAuth 2.0 Client ID (type: Web application)
  3. Add authorized redirect URI: https://your-app.com/api/auth/callback/google
  4. Copy credentials to .env.local:
GOOGLE_CLIENT_ID="your-client-id.apps.googleusercontent.com"
GOOGLE_CLIENT_SECRET="GOCSPX-your-secret"

GitHub Setup

  1. Go to GitHub → Settings → Developer settings → OAuth Apps
  2. Create a new OAuth App
  3. Set callback URL: https://your-app.com/api/auth/callback/github
  4. Copy credentials to .env.local:
GITHUB_CLIENT_ID="your-client-id"
GITHUB_CLIENT_SECRET="your-client-secret"

Other Providers

Apple, Discord, Twitter, and Microsoft follow the same pattern:

  1. Create an OAuth application in the provider's developer console (see links in the table above)
  2. Set the callback URL to https://your-app.com/api/auth/callback/<provider>
  3. Copy the client ID and secret to .env.local using the env var names from the table

For provider-specific setup details (Apple certificates, Microsoft tenant config, etc.), see the Better-Auth OAuth documentation.

Disabling OAuth

Remove (or clear) the provider's CLIENT_ID and CLIENT_SECRET from .env.local. The sign-in page automatically hides the button when credentials are absent.

AuthenticationTwo-Factor & Passwordless