Like in the mentioned on this issue => Custom Provider: Epic Games - Unknown Configuration Issue Leads to OAuthError · Issue #5560 · nextauthjs/next-auth · GitHub
I have a lot of trouble adding sign in with epic to my web app,
Is there any example repo, workflows for NextJS ? I always get the same error in the issue mentioned above:
[auth][details]: {
"errorCode": "errors.com.epicgames.account.invalid_client_credentials",
"errorMessage": "Sorry the client credentials you are using are invalid",
"messageVars": [],
"numericErrorCode": 18033,
"originatingService": "com.epicgames.account.admin",
"intent": "prod",
"error_description": "Sorry the client credentials you are using are invalid",
"error": "invalid_client",
"provider": "epic"
}
I tried every key with every combination but still get this problem. So this is the flow I
The authorize and token requests follow Epic’s docs.
Authorize request
-
Params:
-
client_id: from environment (EPIC_CLIENT_ID)
-
response_type: code
-
scope: openid basic_profile
-
redirect_uri: matches our app callback, e.g. http://localhost:3000/api/auth/callback/epic
{
id: "epic",
name: "Epic Games",
type: "oauth",
checks: ["pkce", "state"],
authorization: {
url: "https://www.epicgames.com/id/authorize",
params: {
response_type: "code",
scope: "openid basic_profile",
client_id: process.env.EPIC_CLIENT_ID,
},
},
Token exchange request
-
Headers:
-
Content-Type: application/x-www-form-urlencoded
-
Authorization: Basic base64(EPIC_CLIENT_ID:EPIC_CLIENT_SECRET)
-
Body (x-www-form-urlencoded):
-
grant_type=authorization_code
-
code={authorization_code}
-
redirect_uri={same as above}
-
code_verifier={PKCE code verifier}
-
scope=openid basic_profile
-
state={state value}
-
deployment_id={only included if EPIC_DEPLOYMENT_ID is set}
Code reference:
token: {
url: "https://api.epicgames.dev/epic/oauth/v2/token",
async request({ params, checks, provider }) {
const clientId = process.env.EPIC_CLIENT_ID ?? process.env.EPIC_AUTH_CLIENT_ID ?? "";
const clientSecret = process.env.EPIC_CLIENT_SECRET ?? process.env.EPIC_AUTH_CLIENT_SECRET ?? "";
const deploymentId = process.env.EPIC_DEPLOYMENT_ID ?? "";
const basicAuth = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
const body = new URLSearchParams();
body.set("grant_type", "authorization_code");
body.set("code", String(params.code || ""));
body.set("redirect_uri", String(params.redirect_uri || provider.callbackUrl));
body.set("code_verifier", String((checks as any)?.code_verifier || ""));
body.set("scope", "openid basic_profile");
body.set("state", String(params.state || ""));
if (deploymentId) {
body.set("deployment_id", deploymentId);
}
const response = await fetch(provider.token.url, {
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
Authorization: `Basic ${basicAuth}`,
},
body,
});
const tokens = await response.json();
if (!response.ok) {
throw new Error(`Token exchange failed: ${JSON.stringify(tokens)}`);
}
return { tokens };
},
},
UserInfo request
-
Headers:
-
Authorization: Bearer {access_token}
userinfo: {
url: "https://api.epicgames.dev/epic/oauth/v2/userInfo",
async request({ tokens, provider }) {
const response = await fetch(provider.userinfo.url, {
headers: { Authorization: `Bearer ${tokens.access_token}` },
});
const profile = await response.json();
if (!response.ok) throw new Error(`UserInfo request failed: ${JSON.stringify(profile)}`);
return profile;
},
},
Current issue
-
The token endpoint responds with invalid_client (error 18033) despite using Basic auth with EPIC_CLIENT_ID and EPIC_CLIENT_SECRET.
-
Redirect URI is absolute and matches exactly in Epic console (e.g., http://localhost:3000/api/auth/callback/epic).
-
State and PKCE are both enforced and included.
-
We also tested a direct client_credentials call to the token endpoint and received invalid_client, which suggests a credential or client configuration issue rather than the framework.