Hive Hive
Sign in

OIDC login supports Google and generic providers with domain allowlists

Metadata
Source
GitHub
Version
server@0.1.0
Domains
Published
May 29, 2026 · 14:40 UTC
Repository
tuist/hive
Update

The login flow now supports Google and generic OIDC providers out of the box. Set HIVE_OIDC_PROVIDER=google with HIVE_OIDC_CLIENT_ID and HIVE_OIDC_CLIENT_SECRET to use Google’s hardcoded endpoints, or set HIVE_OIDC_PROVIDER=generic and supply your own issuer and credentials. Multiple providers can be configured simultaneously, and the login page renders one button per configured provider. Domain allowlists (HIVE_GOOGLE_ALLOWED_DOMAINS, HIVE_OIDC_ALLOWED_DOMAINS) are enforced on callback, and a single allowed Google domain adds the hd= hosted-domain hint. Source: release notes under ⛰️ Features, and the merged PR #1 and commit 8dc274b describe the provider-keyed flow and environment variables. config/runtime.exs and lib/hive/auth.ex show the final configuration surface.