Getting an app to provide login via big 3rd part services like Google, Instagram, and others is a complex process of precisely configuring a lot of various settings. Since re-learning this for each app built is completely inefficient, here are some collected notes from the initial process, done across several providers.
Really bad dashboard. Feels like they want to hide the important options, not surface them. Instagram, WhatsApp, Threads all work under the same facebook login setting though, which is Meta’s best feature offering.
Choosing these options shown below will expose where to enter the OAuth login handler’s Redirect URL (supabase is recommended).
Here is where to add the app domains. Don’t add https:// prefix or any subdomains, just the app’s apex domain and the supabase (or another provider) project domain.
Also add links to the published Privacy policy, and ToS; these can be the same page. A data deletion URL also seems necessary.
And, finally, enable the email Permission.
