Hive now supports a configurable OIDC login flow. Operators can enable Google via HIVE_GOOGLE_CLIENT_ID and HIVE_GOOGLE_CLIENT_SECRET, or any OpenID Connect provider via HIVE_OIDC_ISSUER, HIVE_OIDC_CLIENT_ID, and HIVE_OIDC_CLIENT_SECRET. Multiple providers can appear as buttons on the login page, and email domains can be restricted with HIVE_GOOGLE_ALLOWED_DOMAINS or HIVE_OIDC_ALLOWED_DOMAINS. The implementation is built on Ueberauth and ueberauth_oidcc, which handle discovery, PKCE, state, token exchange, and userinfo.
Hive
Configurable OIDC login with Google and generic provider support
Published
May 29, 2026 · 14:56 UTC
Repository
tuist/hive