Skip to content

feat(oauthserver): add OAuth client admin update endpoint#2231

Merged
cemalkilic merged 2 commits intomasterfrom
cemal/feat-add-oauth-client-update-endpoint
Oct 30, 2025
Merged

feat(oauthserver): add OAuth client admin update endpoint#2231
cemalkilic merged 2 commits intomasterfrom
cemal/feat-add-oauth-client-update-endpoint

Conversation

@cemalkilic
Copy link
Contributor

@cemalkilic cemalkilic commented Oct 29, 2025

Summary

Adds a new admin endpoint to update existing OAuth client configurations. This enables administrators to modify OAuth client settings without having to delete and recreate clients.

Changes

New Endpoint

  • PUT /admin/oauth/clients/{client_id} - Update OAuth client configuration (admin only)

Supported Update Fields

  • redirect_uris - Array of redirect URIs
  • grant_types - Array of grant types (authorization_code, refresh_token)
  • client_name - Human-readable client name
  • client_uri - Client application homepage URL
  • logo_uri - Client application logo URL

Example Usage

# Update client redirect URIs and name
curl -X PUT https://your-project.supabase.co/admin/oauth/clients/{client_id} \
  -H "Authorization: Bearer {admin-token}" \
  -H "Content-Type: application/json" \
  -d '{
    "client_name": "Updated App Name",
    "redirect_uris": ["https://app.example.com/callback"]
  }'

@cemalkilic cemalkilic requested a review from a team as a code owner October 29, 2025 11:28
@cemalkilic cemalkilic mentioned this pull request Oct 29, 2025
Merged
@coveralls
Copy link

coveralls commented Oct 29, 2025
edited
Loading

Pull Request Test Coverage Report for Build 18932046775

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 120 of 143 (83.92%) changed or added relevant lines in 3 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.09%) to 68.101%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/api/oauthserver/handlers.go 16 19 84.21%
internal/api/oauthserver/service.go 103 123 83.74%
Totals Coverage Status
Change from base Build 18910658377: 0.09%
Covered Lines: 13883
Relevant Lines: 20386
💛 - Coveralls

hf
hf reviewed Oct 29, 2025
View reviewed changes
@cemalkilic cemalkilic enabled auto-merge (squash) October 30, 2025 06:32
@cemalkilic cemalkilic merged commit 6296a5a into master Oct 30, 2025
4 of 5 checks passed
@cemalkilic cemalkilic deleted the cemal/feat-add-oauth-client-update-endpoint branch October 30, 2025 06:32
@github-actions github-actions bot mentioned this pull request Oct 29, 2025
Merged
fadymak pushed a commit that referenced this pull request Nov 4, 2025
@github-actions
chore(master): release 2.181.0 (#2178)
a6530d5 
🤖 I have created a release *beep* *boop*
---


##
[2.181.0](v2.180.0...v2.181.0)
(2025-10-31)


### Features

* add `.well-known/openid-configuration`
([#2197](#2197))
([9a8d0df](9a8d0df))
* add `auth_migration` annotation for the migrations
([#2234](#2234))
([b276d0b](b276d0b))
* add advisor to notify you when to double the max connection pool
([#2167](#2167))
([a72f5d9](a72f5d9))
* add after-user-created hook
([#2169](#2169))
([bd80df8](bd80df8))
* add support for account changes notifications in email send hook
([#2192](#2192))
([6b382ae](6b382ae))
* email address changed notification
([#2181](#2181))
([047f851](047f851))
* identity linked/unlinked notifications
([#2185](#2185))
([7d46936](7d46936))
* introduce v2 refresh token algorithm
([#2216](#2216))
([dea5b8e](dea5b8e))
* MFA factor enrollment notifications
([#2183](#2183))
([53db712](53db712))
* notify users when their phone number has changed
([#2184](#2184))
([21f3070](21f3070))
* **oauthserver:** add OAuth client admin update endpoint
([#2231](#2231))
([6296a5a](6296a5a))
* properly handle redirect url fragments and unusual hostnames
([#2200](#2200))
([aa0ac5b](aa0ac5b))
* store latest challenge/attestation data
([#2179](#2179))
([01ebce1](01ebce1))
* support percentage based db limits with reload support
([#2177](#2177))
([1731466](1731466))
* webauthn support schema changes, update openapi.yaml
([#2163](#2163))
([68cb8d2](68cb8d2))


### Bug Fixes

* gosec incorrectly warns about accessing signature[64]
([#2222](#2222))
([bca6626](bca6626))
* **openapi:** add missing OAuth client registration fields
([#2227](#2227))
([cf39a8a](cf39a8a))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
DevRyuki pushed a commit to sasatech-gk/supabase-auth that referenced this pull request Feb 23, 2026
@github-actions @DevRyuki
chore(master): release 2.181.0 (supabase#2178)
bbf7aae 
🤖 I have created a release *beep* *boop*
---


##
[2.181.0](supabase/auth@v2.180.0...v2.181.0)
(2025-10-31)


### Features

* add `.well-known/openid-configuration`
([supabase#2197](supabase#2197))
([9a8d0df](supabase@9a8d0df))
* add `auth_migration` annotation for the migrations
([supabase#2234](supabase#2234))
([b276d0b](supabase@b276d0b))
* add advisor to notify you when to double the max connection pool
([supabase#2167](supabase#2167))
([a72f5d9](supabase@a72f5d9))
* add after-user-created hook
([supabase#2169](supabase#2169))
([bd80df8](supabase@bd80df8))
* add support for account changes notifications in email send hook
([supabase#2192](supabase#2192))
([6b382ae](supabase@6b382ae))
* email address changed notification
([supabase#2181](supabase#2181))
([047f851](supabase@047f851))
* identity linked/unlinked notifications
([supabase#2185](supabase#2185))
([7d46936](supabase@7d46936))
* introduce v2 refresh token algorithm
([supabase#2216](supabase#2216))
([dea5b8e](supabase@dea5b8e))
* MFA factor enrollment notifications
([supabase#2183](supabase#2183))
([53db712](supabase@53db712))
* notify users when their phone number has changed
([supabase#2184](supabase#2184))
([21f3070](supabase@21f3070))
* **oauthserver:** add OAuth client admin update endpoint
([supabase#2231](supabase#2231))
([6296a5a](supabase@6296a5a))
* properly handle redirect url fragments and unusual hostnames
([supabase#2200](supabase#2200))
([aa0ac5b](supabase@aa0ac5b))
* store latest challenge/attestation data
([supabase#2179](supabase#2179))
([01ebce1](supabase@01ebce1))
* support percentage based db limits with reload support
([supabase#2177](supabase#2177))
([1731466](supabase@1731466))
* webauthn support schema changes, update openapi.yaml
([supabase#2163](supabase#2163))
([68cb8d2](supabase@68cb8d2))


### Bug Fixes

* gosec incorrectly warns about accessing signature[64]
([supabase#2222](supabase#2222))
([bca6626](supabase@bca6626))
* **openapi:** add missing OAuth client registration fields
([supabase#2227](supabase#2227))
([cf39a8a](supabase@cf39a8a))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hf hf hf approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cemalkilic @coveralls @hf