Google OAuth2 API Credential Failing with "OAuth callback state is invalid" Error

I’m trying to connect a Google OAuth2 API credential in n8n Cloud to access Gmail, but I keep getting an “OAuth callback state is invalid” error (sometimes also “redirect_uri_mismatch”). I’ve tried everything I can think of and need help.

n8n Cloud instance: (username).app.n8n.cloud

  1. Credential type: Google OAuth2 API
  2. Google Cloud Project: Fresh project created specifically for n8n
  3. Gmail API: Enabled
  4. OAuth consent screen: Configured with my email as a test user

What I’ve Configured:

In Google Cloud Console:

  • Created OAuth 2.0 Client ID (Web application type)

  • Authorized redirect URIs:

    • https://oauth.n8n.cloud/oauth2/callback

    • https://(username).app.n8n.cloud/rest/oauth2-credential/callback

  • Added required Gmail scopes to OAuth consent screen

  • Client ID and Secret correctly copied to n8n

In n8n:

  • Using the OAuth Redirect URL shown: https://oauth.n8n.cloud/oauth2/callback

  • Client ID and Secret match the Google Console credentials

  • Scope: https://www.googleapis.com/auth/gmail.send https://www.googleapis.com/auth/gmail.readonly

The Problem:

  1. I click “Sign in with Google” in n8n

  2. Google’s OAuth consent screen appears ✓

  3. I grant permissions ✓

  4. After clicking “Allow”, I get redirected to a callback page with error:

Error: The OAuth callback state is invalid!
Failed to connect. The window can be closed now.

Sometimes I also see:

{"error":"redirect_uri_mismatch","error_description":"Bad Request"}

What I’ve Already Tried:

  • Created a completely new OAuth client in Google Console

  • Verified redirect URIs match exactly (no typos, trailing slashes, etc.)

  • Waited 10+ minutes after saving changes in Google Console

  • Deleted and recreated the credential in n8n multiple times

  • Cleared all browser cookies and cache

  • Tried in multiple browsers (Chrome, Firefox, Edge)

  • Tried in incognito/private mode

  • Verified Gmail API is enabled

  • Confirmed my email is added as test user in OAuth consent screen

  • Tried different scope combinations

  • Checked system clock is synchronized

Browser Console Details:

When I check the Network tab in browser dev tools, the callback request returns:

  • Status: 200 (success)

  • Response body shows: Error: The OAuth callback state is invalid!

Questions:

  1. Is there a known issue with n8n Cloud’s OAuth proxy (oauth.n8n.cloud) for Google OAuth2?

  2. Should I be using a different credential type for Gmail access?

  3. Are there any server-side logs you can check for my instance?

  4. Is there an alternative authentication method I should use instead?

Workaround Needed:

I’m happy to use app passwords or service accounts if OAuth isn’t working, but I’d prefer to get OAuth working if possible. Any help would be greatly appreciated!

There was a known issue with the OAuth2 implementation on n8n cloud instances (fixed in 2.1.3):

Make sure that you’re running the latest version and try again. If it does not fix your issue, let me know!
