Updating Google OAuth and Supabase for New Domains

When migrating an application to a new domain, such as transitioning to erp.ginbok.com, updating your authentication providers is critical. If the handshake between Google OAuth and Supabase isn't synchronized with your new URL, users will face "mismatch URL" security blocks. Here is the technical workflow to ensure a seamless transition.

1. Supabase Dashboard Configuration

Supabase acts as the intermediary between Google and your application. You must update its internal routing to recognize the new origin.

  • Navigate to Authentication > URL Configuration.
  • Site URL: Update this to https://erp.ginbok.com. This is the default location users are sent to after a successful login.
  • Redirect URLs: Add https://erp.ginbok.com/** to the allowlist. Using the wildcard ensures that deep-linked redirects after authentication function correctly.

2. Google Cloud Console Adjustments

Google requires explicit authorization for any domain requesting identity tokens. Open APIs & Services > Credentials and select your OAuth 2.0 Client ID.

  • Authorized JavaScript origins: Add https://erp.ginbok.com.
  • Authorized redirect URIs: Generally, you do not need to add your new domain here. Google redirects back to Supabase's servers first. Ensure the Supabase callback URL (e.g., https://[project-id].supabase.co/auth/v1/callback) remains intact.

3. Environment Variables (Secrets)

Finally, update the application logic to use the new base URL for generating absolute paths.

# In your .env file or Cloud Secret Manager
APP_URL=https://erp.ginbok.com
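
The following is an added example, not code from the original page or from Supabase. It shows one way to derive the post-login redirect from APP_URL so that deep links stay on the new origin, which matters because the /** allowlist entry accepts any path on that host. The function name buildRedirectTo and the sample paths are hypothetical.

```javascript
// Added example: build the OAuth redirect target from APP_URL.
// buildRedirectTo is a hypothetical helper, not a Supabase or Google API.
const APP_URL =
  (typeof process !== "undefined" && process.env.APP_URL) ||
  "https://erp.ginbok.com";

function buildRedirectTo(appUrl, nextPath) {
  const base = new URL(appUrl);
  // Google and Supabase enforce HTTPS for OAuth; fail early on a bad APP_URL.
  if (base.protocol !== "https:") {
    throw new Error(`APP_URL must use https: ${appUrl}`);
  }
  // APP_URL should be a bare origin so it lines up with the Site URL.
  if (base.pathname !== "/" || base.search || base.hash ||
      base.username || base.password) {
    throw new Error(`APP_URL must be an origin only: ${appUrl}`);
  }
  const fallback = base.origin + "/";
  // Accept only local absolute paths as deep links.
  if (typeof nextPath !== "string" || !nextPath.startsWith("/")) {
    return fallback;
  }
  // URL parsers rewrite backslashes and strip control characters,
  // which can turn a "path" into a different host.
  if (/[\\\u0000-\u001f]/.test(nextPath)) {
    return fallback;
  }
  const target = new URL(nextPath, base);
  // "//other.example/x" resolves to another origin; keep users on ours.
  if (target.origin !== base.origin) {
    return fallback;
  }
  return target.href;
}

// Constructed sample inputs: a legitimate deep link and a protocol-relative one.
const redirectTo = buildRedirectTo(APP_URL, "/orders/42?tab=items");
const rejected = buildRedirectTo(APP_URL, "//other.example/x");
console.log(redirectTo); // deep link on the app origin
console.log(rejected);   // falls back to the app root

// With supabase-js v2 the value would be passed as:
// supabase.auth.signInWithOAuth({ provider: "google", options: { redirectTo } })
```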

Strategic Insights

Always perform these updates in a coordinated manner. Updating the Google Console before Supabase might lead to a brief window where the "Origin" header sent by the client is rejected. Furthermore, ensure that your SSL certificate for the new domain is active, as both Google and Supabase strictly enforce HTTPS for OAuth flows.
