Description
👟 Reproduction steps
Note: I already reported this error in the Appwrite repo, but since it turned out to be a problem with the Flutter package, I'll recreate the issue here.
await account.createOAuth2Token(
provider: OAuthProvider.google,
success: 'appwrite-callback-[project-id]://[host]/v1/auth/oauth2/success/',
failure: 'appwrite-callback-[project-id]://[host]/v1/auth/oauth2/failure/',
);
Project id and host are set correctly - just anonymized here. Google OAuth is configured correctly in the backend.
Google oAuth is configured correctly, also because createOAuth2Session
works. The user is also always created in the backend and also has the status “Verified email”
👍 Expected behavior
Automatic redirection back to the app even without succes and failure URL. Valid response so that the result can be processed further and the user can log in.
👎 Actual Behavior
If you trigger this and are redirected back to the app, the user is created in the backend, but i receive this error in Flutter: Error: AppwriteException: , Invalid OAuth2 Response. Key and Secret not available. (500)
and in the Docker logs:
Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /usr/src/code/app/controllers/api/account.php on line 1426
If you leave success and failure url empty, you will not be redirected back to the app and you can see in the Docker logs:
Deprecated: json_decode(): Passing null to parameter #1 ($json) of type string is deprecated in /usr/src/code/app/controllers/api/account.php on line 1426
[Error] Timestamp: 2025-06-07T08:26:11+00:00
[Error] Method: GET
[Error] URL: /v1/account
[Error] Type: Appwrite\Extend\Exception
[Error] Message: User (role: guests) missing scope (account)
[Error] File: /usr/src/code/app/controllers/shared/api.php
[Error] Line: 375
🎲 Appwrite version
Different version (specify in environment)
💻 Operating system
Linux
🧱 Your Environment
Self-hosted,
Flutter 3.29.3,
Dart 3.7.2,
Appwrite 1.7.4
👀 Have you spent some time to check if this issue has been raised before?
- I checked and didn't find similar issue
🏢 Have you read the Code of Conduct?
- I have read the Code of Conduct