OAuth
You can login to coolify with email/password, or with OAuth.
Using OAuth, you can delegate authorization to get a user's email address to an external IDP provider.
This lets coolify know that the user owns a specific email address associated with an existing coolify user.
This is an alternative to forcing the user to provide a password to coolify to prove they own that same email address.
Authorization servers supported by coolify include Azure, BitBucket, Github, Gitlab, and Google.
Setup OAuth
To setup OAuth for a given IDP, you need to get a client id and a client secret from the authorization server to put into https://<your-coolify-domain>/settings/oauth.
You'll also need to set a Redirect URI for the authorization server to send the user's data back to once they have authorized coolify to access their email address.
The Redirect URI to provide to the IDP should be in the format of https://<your-coolify-domain>/auth/<PROVIDER>/callback
Google OAuth
- Authorized JavaScript origins should be
https://<your-coolify-domain> - Authorized redirect URIs should be the redirect uri you set in
https://<your-coolify-domain>/settings/oauthfor Google.
Example
For Google OAuth the callback would be https://coolify.example.com/auth/google/callback
Github OAuth
- Homepage URL should be
https://<your-coolify-domain> - Authorization callback URL should be the redirect uri you set in
https://<your-coolify-domain>/settings/oauthfor Github.
Example
For Github OAuth the callback would be https://coolify.example.com/auth/github/callback
Delete User
Safely delete users from Coolify with automatic team ownership transfer, resource cleanup, and team member reassignment procedures.
Create Root User with Environment Variables
Create Coolify root user during installation with environment variables including email validation, username requirements, and strong password policies.