Am using a n8n Community Version hosted on Northflank, which generates a callback URL that includes the full subdomain, in addition to the “code.run” domain. However, Google OAuth does not accept the full callback URL.
What is the error message (if any)?
On the Google OAuth setting page, in the “Authorised Redirect URI” window, I get a “Invalid Redirect: must use a domain that is a valid top private domain” error message.
So, how should i get around this? thanks so much in advance!
Please share your workflow
(Select the nodes on your canvas and use the keyboard shortcuts CMD+C/CTRL+C and CMD+V/CTRL+V to copy and paste the workflow.)
Share the output returned by the last node
Information on your n8n setup
n8n version: 2.12.3
Database (default: SQLite): postgres hosted on supabase
n8n EXECUTIONS_PROCESS setting (default: own, main): not applicable
Running n8n via (Docker, npm, n8n cloud, desktop app): community version on northflank
Hi @deta Welcome!
As expected, in google redirect URL field they ask for a authorized domain in the OAuth consent screen to be a top private domain, you can try first go in google cloud console > APIs & services > OAuth consent screen > authorized domains and there enter that code.run then in authorized redirect URIs, you can still use the full callback URL: https://yourapp.something.code.run/rest/oauth2-credential/callback
Also make sure that in your n8n env the webhook URL is set to your full domain WEBHOOK_URL=https://yourapp.something.code.run something like that and then let me know if this works as this should cause most of the times this is what causes that error.
@deta Now it is confirmed that google does not see that URL as a valid URI, there can be workarounds but still this is the truth that you cannot add that URL in redirect URL field as google would not accept that as google sees it as maybe not trusted, if you can then try to map a custom domain if possible so that the URL does not look like that, but that would be a very long processs so what i would say that try running an Ngrok tunnel for that n8n URL and there add it as a redirect…
yeah google won’t budge on this — code.run subdomains just don’t pass their TLD validation. the ngrok approach anshul mentioned is probably the most practical fix. one thing to keep in mind: update WEBHOOK_URL in your n8n env to the ngrok URL, otherwise the callback goes to the wrong place. and if northflank lets you map a custom domain, that’s the cleaner long-term solution since you wont have to update the ngrok URL every time it changes.
