Failed to finish oauth - callback 500 (Internal Server Error) #2388

New Issue

OVERLORD · 2026-02-05T06:01:51+03:00

OVERLORD commented

2026-02-05 06:01:51 +03:00

Originally created by @volcvn8 on GitHub (Mar 4, 2024).

The bug

Hello. We encountered a problem through OAuth Authentication. Following this instructions https://immich.app/docs/administration/oauth/ we configure immich and oauth service.
After successfully authentication on oauth service, the authorization code successfully redirect from to immich endpoint /auth/login
then we have following error on login page:

Failed to finish oauth.

on browser log we have error:

entry.DJzkMQyl.js:1

POST http://10.38.46.176:2283/api/oauth/callback 500 (Internal Server Error)
window.fetch @ entry.DJzkMQyl.js:1
c @ fetch-client.IOYw_s6m.js:1
n @ fetch-client.IOYw_s6m.js:1
o @ fetch-client.IOYw_s6m.js:1
ut @ fetch-client.IOYw_s6m.js:1
login @ utils.tSb-PrBI.js:1
(anonymous) @ 40.APKiO6AH.js:1
K @ scheduler.a1YLkTt0.js:1
(anonymous) @ index.agc2DCvO.js:4
ft @ scheduler.a1YLkTt0.js:1
Promise.then (async)
at @ scheduler.a1YLkTt0.js:1
ht @ index.agc2DCvO.js:4
(anonymous) @ index.agc2DCvO.js:4
(anonymous) @ 40.APKiO6AH.js:1
u @ index.cSPuM9g9.js:1
l @ index.cSPuM9g9.js:1
u @ server-config.store.UxMdsTT1.js:1
await in u (async)
(anonymous) @ 0.LfHbdwc2.js:14
K @ scheduler.a1YLkTt0.js:1
(anonymous) @ index.agc2DCvO.js:4
ft @ scheduler.a1YLkTt0.js:1
jt @ index.agc2DCvO.js:4
ht @ app.T591kbWd.js:1
Zt @ entry.DJzkMQyl.js:1
K @ entry.DJzkMQyl.js:1
await in K (async)
Xt @ entry.DJzkMQyl.js:1
Ye @ entry.DJzkMQyl.js:1
en @ entry.DJzkMQyl.js:1
(anonymous) @ login?code=FBEBC4E9C59A6E26A1BBEB18E55182B1D10B44E63A8033EDD3F9D7523A5CF595&scope=openid%20profile%20email&state=UtT87ezwXk2majflcSQjsBTxNRoTFSgx4DJ76JYUwZg&session_state=qqcKK_AQEKYnSa93xRZwG08m_uKf5h6ZKBOI3oTzdVI.EDC5EE01CC9BA3F5515A563F7EE999C3:79
Promise.then (async)
(anonymous) @ login?code=FBEBC4E9C59A6E26A1BBEB18E55182B1D10B44E63A8033EDD3F9D7523A5CF595&scope=openid%20profile%20email&state=UtT87ezwXk2majflcSQjsBTxNRoTFSgx4DJ76JYUwZg&session_state=qqcKK_AQEKYnSa93xRZwG08m_uKf5h6ZKBOI3oTzdVI.EDC5EE01CC9BA3F5515A563F7EE999C3:78
40.APKiO6AH.js:1 Error [login-form] [oauth.callback] Error: Error: 500
at Object.ce [as ok] (fetch-client.IOYw_s6m.js:1:2829)
at async 40.APKiO6AH.js:1:8631

The OS that Immich Server is running on

Debian 12

Version of Immich Server

v1.97.0

Version of Immich Mobile App

Platform with the issue

Server
Web
Mobile

Your docker-compose.yml content

version: "3.8"

#
# WARNING: Make sure to use the docker-compose.yml of the current release:
#
# https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml
#
# The compose file on main may not be compatible with the latest release.
#

name: immich

services:
  immich-server:
    container_name: immich_server
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    command: [ "start.sh", "immich" ]
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    ports:
      - 2283:3001
    depends_on:
      - redis
      - database
    restart: always

  immich-microservices:
    container_name: immich_microservices
    image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/hardware-transcoding
    #   file: hwaccel.transcoding.yml
    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
    command: [ "start.sh", "microservices" ]
    volumes:
      - ${UPLOAD_LOCATION}:/usr/src/app/upload
      - /etc/localtime:/etc/localtime:ro
    env_file:
      - .env
    depends_on:
      - redis
      - database
    restart: always

  immich-machine-learning:
    container_name: immich_machine_learning
    # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag.
    # Example tag: ${IMMICH_VERSION:-release}-cuda
    image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release}
    # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration
    #   file: hwaccel.ml.yml
    #   service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
    volumes:
      - model-cache:/cache
    env_file:
      - .env
    restart: always

  redis:
    container_name: immich_redis
    image: redis:6.2-alpine@sha256:51d6c56749a4243096327e3fb964a48ed92254357108449cb6e23999c37773c5
    restart: always

  database:
    container_name: immich_postgres
    image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
    environment:
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_USER: ${DB_USERNAME}
      POSTGRES_DB: ${DB_DATABASE_NAME}
    volumes:
      - pgdata:/var/lib/postgresql/data
    restart: always

volumes:
  pgdata:
  model-cache:

Your .env content

# You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables

# The location where your uploaded files are stored
UPLOAD_LOCATION=./library

# The Immich version to use. You can pin this to a specific version like "v1.71.0"
IMMICH_VERSION=release

# Connection secret for postgres. You should change it to a random password
DB_PASSWORD=postgres

# The values below this line do not need to be changed
###################################################################################
DB_HOSTNAME=immich_postgres
DB_USERNAME=postgres
DB_DATABASE_NAME=immich

REDIS_HOSTNAME=immich_redis

Reproduction steps

1. configure oauth service (add new client, add users)
2. configure immich (enable oauth, set fields by step 1: client id, client secret, etc)
3. press oauth bгtton on immich login form (redirect to oauth login form)
4. input login:password on oauth service, press ok button
5. redirect with authentication code to immich endpoint /auth/login

Additional information

No response

Originally created by @volcvn8 on GitHub (Mar 4, 2024). ### The bug Hello. We encountered a problem through OAuth Authentication. Following this instructions https://immich.app/docs/administration/oauth/ we configure immich and oauth service. After successfully authentication on oauth service, the authorization code successfully redirect from to immich endpoint /auth/login then we have following error on login page: Failed to finish oauth. on browser log we have error: ![Screenshot_16](https://github.com/immich-app/immich/assets/162098915/89de7382-5922-41ae-876c-b846d20e8257) entry.DJzkMQyl.js:1 POST http://10.38.46.176:2283/api/oauth/callback 500 (Internal Server Error) window.fetch @ entry.DJzkMQyl.js:1 c @ fetch-client.IOYw_s6m.js:1 n @ fetch-client.IOYw_s6m.js:1 o @ fetch-client.IOYw_s6m.js:1 ut @ fetch-client.IOYw_s6m.js:1 login @ utils.tSb-PrBI.js:1 (anonymous) @ 40.APKiO6AH.js:1 K @ scheduler.a1YLkTt0.js:1 (anonymous) @ index.agc2DCvO.js:4 ft @ scheduler.a1YLkTt0.js:1 Promise.then (async) at @ scheduler.a1YLkTt0.js:1 ht @ index.agc2DCvO.js:4 (anonymous) @ index.agc2DCvO.js:4 (anonymous) @ 40.APKiO6AH.js:1 u @ index.cSPuM9g9.js:1 l @ index.cSPuM9g9.js:1 u @ server-config.store.UxMdsTT1.js:1 await in u (async) (anonymous) @ 0.LfHbdwc2.js:14 K @ scheduler.a1YLkTt0.js:1 (anonymous) @ index.agc2DCvO.js:4 ft @ scheduler.a1YLkTt0.js:1 jt @ index.agc2DCvO.js:4 ht @ app.T591kbWd.js:1 Zt @ entry.DJzkMQyl.js:1 K @ entry.DJzkMQyl.js:1 await in K (async) Xt @ entry.DJzkMQyl.js:1 Ye @ entry.DJzkMQyl.js:1 en @ entry.DJzkMQyl.js:1 (anonymous) @ login?code=FBEBC4E9C59A6E26A1BBEB18E55182B1D10B44E63A8033EDD3F9D7523A5CF595&scope=openid%20profile%20email&state=UtT87ezwXk2majflcSQjsBTxNRoTFSgx4DJ76JYUwZg&session_state=qqcKK_AQEKYnSa93xRZwG08m_uKf5h6ZKBOI3oTzdVI.EDC5EE01CC9BA3F5515A563F7EE999C3:79 Promise.then (async) (anonymous) @ login?code=FBEBC4E9C59A6E26A1BBEB18E55182B1D10B44E63A8033EDD3F9D7523A5CF595&scope=openid%20profile%20email&state=UtT87ezwXk2majflcSQjsBTxNRoTFSgx4DJ76JYUwZg&session_state=qqcKK_AQEKYnSa93xRZwG08m_uKf5h6ZKBOI3oTzdVI.EDC5EE01CC9BA3F5515A563F7EE999C3:78 40.APKiO6AH.js:1 Error [login-form] [oauth.callback] Error: Error: 500 at Object.ce [as ok] (fetch-client.IOYw_s6m.js:1:2829) at async 40.APKiO6AH.js:1:8631 ### The OS that Immich Server is running on Debian 12 ### Version of Immich Server v1.97.0 ### Version of Immich Mobile App - ### Platform with the issue - [ ] Server - [X] Web - [ ] Mobile ### Your docker-compose.yml content ```YAML version: "3.8" # # WARNING: Make sure to use the docker-compose.yml of the current release: # # https://github.com/immich-app/immich/releases/latest/download/docker-compose.yml # # The compose file on main may not be compatible with the latest release. # name: immich services: immich-server: container_name: immich_server image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} command: [ "start.sh", "immich" ] volumes: - ${UPLOAD_LOCATION}:/usr/src/app/upload - /etc/localtime:/etc/localtime:ro env_file: - .env ports: - 2283:3001 depends_on: - redis - database restart: always immich-microservices: container_name: immich_microservices image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/hardware-transcoding # file: hwaccel.transcoding.yml # service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding command: [ "start.sh", "microservices" ] volumes: - ${UPLOAD_LOCATION}:/usr/src/app/upload - /etc/localtime:/etc/localtime:ro env_file: - .env depends_on: - redis - database restart: always immich-machine-learning: container_name: immich_machine_learning # For hardware acceleration, add one of -[armnn, cuda, openvino] to the image tag. # Example tag: ${IMMICH_VERSION:-release}-cuda image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} # extends: # uncomment this section for hardware acceleration - see https://immich.app/docs/features/ml-hardware-acceleration # file: hwaccel.ml.yml # service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable volumes: - model-cache:/cache env_file: - .env restart: always redis: container_name: immich_redis image: redis:6.2-alpine@sha256:51d6c56749a4243096327e3fb964a48ed92254357108449cb6e23999c37773c5 restart: always database: container_name: immich_postgres image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 environment: POSTGRES_PASSWORD: ${DB_PASSWORD} POSTGRES_USER: ${DB_USERNAME} POSTGRES_DB: ${DB_DATABASE_NAME} volumes: - pgdata:/var/lib/postgresql/data restart: always volumes: pgdata: model-cache: ``` ### Your .env content ```Shell # You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables # The location where your uploaded files are stored UPLOAD_LOCATION=./library # The Immich version to use. You can pin this to a specific version like "v1.71.0" IMMICH_VERSION=release # Connection secret for postgres. You should change it to a random password DB_PASSWORD=postgres # The values below this line do not need to be changed ################################################################################### DB_HOSTNAME=immich_postgres DB_USERNAME=postgres DB_DATABASE_NAME=immich REDIS_HOSTNAME=immich_redis ``` ### Reproduction steps ```bash 1. configure oauth service (add new client, add users) 2. configure immich (enable oauth, set fields by step 1: client id, client secret, etc) 3. press oauth bгtton on immich login form (redirect to oauth login form) 4. input login:password on oauth service, press ok button 5. redirect with authentication code to immich endpoint /auth/login ``` ### Additional information _No response_

OVERLORD closed this issue

2026-02-05 06:01:55 +03:00

Sign in to join this conversation.

Branches Tags

main

fix/web-people-hidden-state

fix-filename-search-label

chore/yank-cloud-id

chore/oauth-labels

renovate/machine-learning

uhthomas/mobile-fix-app-bar-fade

feat/debug-schema

renovate/typescript-projects

fix/25803

feat/asset-file-apis

chore/translations

fix/web-switch-label-clickable

release/next

fix/timezones

fix/time-zone-upserts

midzelis/wip

push-zpwsovysllvn

push-nwxlpmyzkyrl

push-nvnkszuqwppm

renovate/github-actions

push-smstsuupsowp

refactor/adaptive_image

push-olwpzvrxnomt

push-lmxsupnmxspl

feat/web-chromecast-video-looping

feat/use-native-clients

renovate/flutter

fix/create-face-edited

fix/mobile-ios-mtls

docs/contributing

docs/mise-mobile

renovate/grafana-monorepo

feature/bottom-buttons-order

feat/immich-mobile-ui-showcase

refactor/consolidate-image-requests

renovate/connectivity_plus-7.x

renovate/major-vitest-monorepo

renovate/pypi-python-multipart-vulnerability

fix/mobile-people-query

sqlite_thumbs

feat/html-text

chore/no-macro-validation

refactor/purchase-store

uhthomas/mobile-fix-asset-jump

feat/pano-ocr

feat/shared-link-login

fix/database-backup-db-names

fix-keep-correct-ios-shared-album-asset

fix-memory-generation-and-display

feat/verify-permissions

refactor/album-service-small-tests

fix/ml-rocm-build

fix/flipped-dimensions-mobile

push-vpxwmwwxwnvw

fix-migration-width-height

refactor/more-queries

revert/prettier-translations

refactor/asset-service-queries

fix/locale-settings-desc

chore/add-debug-log

feat/edit-filters

shared-deep-link-handler

feat/mobile-editing

feat/thumbnail-native-clients

feat/platform-clients

feat/integrity-checks-izzy

fix/foreground-cloud-sync

feat/dynamic-layout

filter-by-person

feat/csp

refactor/sidebar

fix/disable-editing

fix/view-timeline-deeplink

image-zoom-on-slow-connection

fix-consider-dar-for-video-dimension

fix/merged-edited-assets

perf/optimize-album-sort

open-api-fix

feat/create-job-with-dto

use-toast-primary

feat/vitest-4

feat/ios-fastlane-match

match-signing

fix-update-time-update-timeline

chore/translation-keys

feat/modal-routes

feat/panorama-tiles

feature/mobile-view-asset-owner

feat/system-settings

feature/show-activity-count

better-info-in-asset-viewer

fix/all-people-count

feat/location-favorites

feature/rearrange-buttons-2

fix/download-storage-template

feat/kb-shortcuts-mobile

fix/people-count

push-qolzzzzxrvvn

chore/originals-in-asset-files

feat/asset-size-columns

ben/tree-a11y

new-search-filter-ui

refactor/expectSelectedReadonly

refactor/mobile-grdb

push-qvuktpxmkknu

feat/mobile-native-local-sync

refactor/timeline_ops

fix/scrubber_end

feat/version.txt

feat/context-menus

feat/server-chunked-uploads

refactor/virtualsegment

refactor/rename_daymonth_groups

fix/restrict-android-bg-worker

feat/android-periodic-worker

fix-remote-sync-clean-up

refactor/timeline_move_ops

renovate/mapbox-mapbox-gl-rtl-text-0.x

fix/timeline_split_selectable

feat/keyboard_actions_help_modal

feat/static_frontend

feat/notification-warnign-android

feat/plugins2

feat/plugins

test/create-workflow-token-action

fix/docs-force

debug/search-result-similarity

debug/cf-chunked-uploads

feat/eslint_rule

feat/search-filter-album/web

refactor/timeline_photostream

refactor/timelineasset_asset

feat/session-permissions

feat/timeline_photostream_assetnav

feat/timeline_minor_optimize

feat/timeline_perf_nocomp

feat/timeline_search_results_actions

feat/timeline_search_results_page

fix/timeline_padding

fix/timeline_search_reactivity_warnings

feat/timeline_scrollbar

feat/timeline_stream_withviewer

fix/timeline_back_forth_nav

refactor/timeline_photostream_component

fix/generated-files-checks

fix/locate-button-local

chore/base-image-mimalloc

refactor/timeline_assetlayout

refactor/timeline_selectable

refactor/timeline_aware_actions

refactor/timeline_monthsegment

feat/remove-old-pages

chore/deps-gradle

tmp_photostream

tmp/lcms

feat/mobile-dynamic-thumbnails

fix/mobile-finer-thumbnail-concurrency

refactor/timeline1

refactor/extract_photostream

refactor/rename_load_api

refactor/timeline2

refactor/timeline3

feat/multi-select-asset-viewer

feat-no-thumbhash-cache

refactor/asset_grid

feat/faster-access-checks

fix/18991

fix/19543

chore/temp-remove

fix/21419

feat/mobile-hdr-images

chore/update-mise-lockfile

feat/mise-server-checks

feat/mise-ci

feat/windows-2025

feat/dev_cli

refactor/mobile-migrate-clients

fix/map-theme

fix/require-checkbox

chore/use_swc

feat/efficient-thumbnail-decoding

refactor/mobile-thumbhash

refactor/mobile-thumbhash-new

fix/mobile-uncached-zoom

feat/beta-background-upload

fix/beta-timeline-memories-setting

fix/failed-uploads-not-removed

feat/mobile-shared-album

feat/groups

drift-map-page

drift-auth-user-sync

fix/disable-memory

feat/add-to-album-action

edit-date-time-action

drift-people-page

sqlite-remove-isIn

feat/inline-storage-columns

chore/required-reviewers

refact/asset-manager

fix/folder-sort

pnpm

feat/widget-multiple-server-urls

chore/medium-tests-dbname

fix/web-no-iterator-find

fix/map-pan-interruption

track-livephotos

timeline_events

chore/oxlint-migration

feat/maintenance-worker

feat/dav

chore/demo-snapshot

refactor/server-side-dedupe

feat/integrity-checks

dev/recognition-eval

lighter_buckets_test

perf/postgres-queue

postgres-queue

focus_rings

refactor/web-stores-1

refactor/add-to-taken

feat/sort-places

feat/sidecar-asset-file

vet

tmp/demo-snapshot-preview

fix/server-migration-file-extension

refactor/mobile-v2

fix/asset-update-race-condition

rknn-toolkit-lite2

refactor/mobile-split-up-search-page

feature/Add-rocm-support-for-machine-learning

feat/rocm

chore/async-hash-file

feat/shared-link-view-count

feat/rotation

feat/graphql

feat/job-ids

feat/ignore-library-permission-error

feat/docker-compose-builder

feat/kysely-typeorm

mobile/onboarding

no-video-player

fix/server-qsv-output-format

chore/server-geodata-tweaks

mobile/native-video-player-no-hero

feat/xxhash

fix/docs-concurrency

feat/preload-ml-textual-model

feat/local-tileserver

refactor/exif-orientation

original-path-infix

refactor/mobile/login-form-1

feat/server-editor-endpoints

fix/server-qsv-vbr

fix-mobile-db-problems

feat/ml-armnn-conversion

feat/mobile/backup-with-album-info

feat/fast-initial-sync-1

chore/handle-output_dims

feat/server-more-robust-generation

feat/unassign-faces

feat/shortcuts-on-asset-grid

feat/background-upload

feat/capacitor-mobile-app-poc

feat/server-nvenc-hw-decoding

release/v1.105

fix/mobile-fetch-non-archive

feat/fine-grained-access-controls

web/automation-ui

feat/mobile-server-endpoint-save-dropdown

feat/blurhash-thumbnail

object-storage

feat/memories-animations

dev/metrics

ml/tflite

feat/ml-export-cli

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: immich-app/immich#2388