Problem
SSO registration (GitHub/Google) does not support invite codes. When INVITE_CODE_REQUIRED is enabled, users who try to register via SSO are blocked because there is no mechanism to pass an invite code through the OAuth flow.
Email registration works correctly — the invite code field is present and validated. But SSO has no equivalent path, meaning new users cannot create an account via SSO when invite codes are required.
This is an M0 blocker — external developer users will default to GitHub SSO.
Current behavior
- User enters invite code on registration page
- User clicks "Sign up with GitHub/Google"
- OAuth redirect happens — invite code is lost (not passed through)
- Callback returns — backend rejects with
SocialAuthRegistrationClosed because no invite code
- User cannot register
Expected behavior
- User enters invite code on registration page
- User clicks "Sign up with GitHub/Google"
- Invite code is passed through the OAuth flow
- Callback validates and consumes the invite code
- User account is created and linked to the invite code
Implementation
Backend (social_auth.rs)
- Accept
invite_code query param on GET /api/v1/auth/social/{provider}
- Validate code exists and is not exhausted before redirecting to provider
- Store validated code in a signed cookie (same pattern as
SOCIAL_STATE_COOKIE)
- On callback, read invite code from cookie → consume it → create user with
invite_code_id
- Update
allow_new_users logic: allow new user creation when a valid invite code cookie is present
Frontend (social-login-buttons.tsx + register-form.tsx)
- Pass invite code value from the registration form to
SocialLoginButtons component
- Append
?invite_code={code} to the OAuth authorize URL
References
Problem
SSO registration (GitHub/Google) does not support invite codes. When
INVITE_CODE_REQUIREDis enabled, users who try to register via SSO are blocked because there is no mechanism to pass an invite code through the OAuth flow.Email registration works correctly — the invite code field is present and validated. But SSO has no equivalent path, meaning new users cannot create an account via SSO when invite codes are required.
This is an M0 blocker — external developer users will default to GitHub SSO.
Current behavior
SocialAuthRegistrationClosedbecause no invite codeExpected behavior
Implementation
Backend (
social_auth.rs)invite_codequery param onGET /api/v1/auth/social/{provider}SOCIAL_STATE_COOKIE)invite_code_idallow_new_userslogic: allow new user creation when a valid invite code cookie is presentFrontend (
social-login-buttons.tsx+register-form.tsx)SocialLoginButtonscomponent?invite_code={code}to the OAuth authorize URLReferences