# Login Providers

Drako Tickets supports password-based login and three OAuth providers: **Google**, **Discord**, and **Microsoft**. OAuth providers are optional — you can enable any combination of them.

OAuth is configured in two places:

1. The **provider's developer console** — to create OAuth credentials
2. **Supabase** — to enable the provider and paste the credentials
3. **DrakoTickets dashboard** — to show the button on the login page

## Supabase callback URL

All three providers require the same redirect URL. You will need this in each setup below:

```
https://<your-supabase-project>.supabase.co/auth/v1/callback
```

You can find and copy this URL directly from **Settings → Login Providers** inside the DrakoTickets dashboard.

## Google

{% stepper %}
{% step %}

### Create OAuth credentials in Google Cloud

1. Go to [console.cloud.google.com](https://console.cloud.google.com/) and open or create a project.
2. Navigate to **APIs & Services → Credentials** and click **Create Credentials → OAuth 2.0 Client ID**.
3. Set the application type to **Web application**.
4. Under **Authorised redirect URIs**, add your Supabase callback URL and click **Save**.
5. Copy the **Client ID** and **Client Secret**.
   {% endstep %}

{% step %}

### Enable in Supabase

1. Open your Supabase dashboard → **Authentication → Providers → Google**.
2. Paste the **Client ID** and **Client Secret**.
3. Toggle the provider **Enabled** and click **Save**.
   {% endstep %}

{% step %}

### Enable in DrakoTickets

1. Go to **Settings → Login Providers**.
2. Toggle **Google** on and click **Save**.
   {% endstep %}
   {% endstepper %}

The Google sign-in button will now appear on the login and registration pages.

## Discord

{% stepper %}
{% step %}

### Create OAuth credentials in Discord

1. Go to [discord.com/developers/applications](https://discord.com/developers/applications) and click **New Application** (or open an existing one).
2. Open the **OAuth2** tab and click **Add Redirect**.
3. Paste your Supabase callback URL and click **Save Changes**.
4. Copy the **Client ID** and **Client Secret** from the top of the OAuth2 tab.

{% hint style="info" %}
If you are also using the Discord bot integration, you can use the same application — the bot token and OAuth credentials are separate.
{% endhint %}
{% endstep %}

{% step %}

### Enable in Supabase

1. Open your Supabase dashboard → **Authentication → Providers → Discord**.
2. Paste the **Client ID** and **Client Secret**.
3. Toggle the provider **Enabled** and click **Save**.
   {% endstep %}

{% step %}

### Enable in DrakoTickets

1. Go to **Settings → Login Providers**.
2. Toggle **Discord** on and click **Save**.
   {% endstep %}
   {% endstepper %}

## Microsoft

{% stepper %}
{% step %}

### Register an application in Azure

1. Go to the [Azure Portal](https://portal.azure.com/) and navigate to **Azure Active Directory → App registrations → New registration**.
2. Give the app a name and choose the supported account types:
   * **Single tenant** — only your organisation's accounts
   * **Multitenant** — any Microsoft / Azure AD account
   * **Multitenant + personal** — also allows personal Microsoft accounts (Outlook, Hotmail)
3. Under **Redirect URI**, select **Web** and paste your Supabase callback URL.
4. Click **Register**.
5. Copy the **Application (client) ID** from the Overview page.
6. Go to **Certificates & secrets → New client secret**, set an expiry, and copy the **Value** (not the Secret ID).
   {% endstep %}

{% step %}

### Enable in Supabase

1. Open your Supabase dashboard → **Authentication → Providers → Azure**.
2. Paste the **Client ID** (Application ID) and **Client Secret**.
3. If you registered for a single tenant, also set the **Azure Tenant ID** (found on the Azure Overview page).
4. Toggle the provider **Enabled** and click **Save**.
   {% endstep %}

{% step %}

### Enable in Drako Tickets

1. Go to **Settings → Login Providers**.
2. Toggle **Microsoft** on and click **Save**.
   {% endstep %}
   {% endstepper %}

## Troubleshooting

<details>

<summary>OAuth button appears but clicking it shows an error</summary>

* Double-check the redirect URI in the provider's console matches the Supabase callback URL exactly (no trailing slash).
* Ensure the provider is enabled in both Supabase and the DrakoTickets dashboard.

</details>

<details>

<summary>"Email already in use" after signing in with OAuth</summary>

* Supabase links OAuth accounts to existing email addresses automatically if **Link accounts** is enabled in your Supabase Auth settings.
* If it is disabled, the user must first log in with their password and then link the OAuth account from their profile.

</details>

<details>

<summary>Google shows "This app isn't verified"</summary>

* This warning appears during development. Click **Advanced → Go to \[app name] (unsafe)** to proceed.
* To remove the warning in production, submit your app for Google OAuth verification in the Google Cloud Console.

</details>