Skip to content

Add Outlook login with NextAuth #495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Francisca105 wants to merge 3 commits into from
+332 −89
Closed

Add Outlook login with NextAuth #495

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
94bb7e0
feat: Outlook login support via next-auth (#463)
Francisca105 Jun 3, 2025
d34b915
fix: overlooked outlook-related dependencies
WhiteSoxx Jun 6, 2025
7ec84c5
Merge branch 'main' into feat/outlook-login
Francisca105 Jun 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
137 changes: 97 additions & 40 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ We offer a hosted version of Inbox Zero at [https://getinboxzero.com](https://ge

### Setup

[Here's a video](https://youtu.be/hVQENQ4WT2Y) on how to set up the project. It covers the same steps mentioned in this document. But goes into greater detail on setting up the external services.
[Here's a video](https://youtu.be/hVQENQ4WT2Y) on how to set up the project. It covers the same steps mentioned in this document. But goes into greater detail on setting up the external services.

### Requirements

Expand Down Expand Up @@ -125,45 +125,102 @@ Go to [Google Cloud](https://console.cloud.google.com/). Create a new project if

Create [new credentials](https://console.cloud.google.com/apis/credentials):

1. If the banner shows up, configure **consent screen** (if not, you can do this later)
1. Click the banner, then Click `Get Started`.
2. Choose a name for your app, and enter your email.
3. In Audience, choose `External`
4. Enter your contact information
5. Agree to the User Data policy and then click `Create`.
6. Return to APIs and Services using the left sidebar.
2. Create new [credentials](https://console.cloud.google.com/apis/credentials):
1. Click the `+Create Credentials` button. Choose OAuth Client ID.
2. In `Application Type`, Choose `Web application`
3. Choose a name for your web client
4. In Authorized JavaScript origins, add a URI and enter `http://localhost:3000`
5. In `Authorized redirect URIs` enter `http://localhost:3000/api/auth/callback/google`
6. Click `Create`.
7. A popup will show up with the new credentials, including the Client ID and secret.
3. Update .env file:
1. Copy the Client ID to `GOOGLE_CLIENT_ID`
2. Copy the Client secret to `GOOGLE_CLIENT_SECRET`
4. Update [scopes](https://console.cloud.google.com/auth/scopes)

1. Go to `Data Access` in the left sidebar (or click link above)
2. Click `Add or remove scopes`
3. Copy paste the below into the `Manually add scopes` box:

```plaintext
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/gmail.modify
https://www.googleapis.com/auth/gmail.settings.basic
https://www.googleapis.com/auth/contacts
```

4. Click `Update`
5. Click `Save` in the Data Access page.

5. Add yourself as a test user
1. Go to [Audience](https://console.cloud.google.com/auth/audience)
2. In the `Test users` section, click `+Add users`
3. Enter your email and press `Save`
1. If the banner shows up, configure **consent screen** (if not, you can do this later)

1. Click the banner, then Click `Get Started`.
2. Choose a name for your app, and enter your email.
3. In Audience, choose `External`
4. Enter your contact information
5. Agree to the User Data policy and then click `Create`.
6. Return to APIs and Services using the left sidebar.

2. Create new [credentials](https://console.cloud.google.com/apis/credentials):

1. Click the `+Create Credentials` button. Choose OAuth Client ID.
2. In `Application Type`, Choose `Web application`
3. Choose a name for your web client
4. In Authorized JavaScript origins, add a URI and enter `http://localhost:3000`
5. In `Authorized redirect URIs` enter `http://localhost:3000/api/auth/callback/google`
6. Click `Create`.
7. A popup will show up with the new credentials, including the Client ID and secret.

3. Update .env file:

1. Copy the Client ID to `GOOGLE_CLIENT_ID`
2. Copy the Client secret to `GOOGLE_CLIENT_SECRET`

4. Update [scopes](https://console.cloud.google.com/auth/scopes)

1. Go to `Data Access` in the left sidebar (or click link above)
2. Click `Add or remove scopes`
3. Copy paste the below into the `Manually add scopes` box:

```plaintext
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/gmail.modify
https://www.googleapis.com/auth/gmail.settings.basic
https://www.googleapis.com/auth/contacts
```

4. Click `Update`
5. Click `Save` in the Data Access page.

5. Add yourself as a test user

1. Go to [Audience](https://console.cloud.google.com/auth/audience)
2. In the `Test users` section, click `+Add users`
3. Enter your email and press `Save`

### Updating .env file with Azure credentials:

- `MICROSOFT_CLIENT_ID` -- Google OAuth client ID. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_CLIENT_SECRET` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_ISSUER` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
Comment on lines +177 to +179
Copy link
Contributor

@coderabbitai coderabbitai bot Jun 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix copy-paste error: These should reference Microsoft/Azure, not Google.

These environment variable descriptions incorrectly reference "Google OAuth" when they should reference "Microsoft" or "Azure".

-- `MICROSOFT_CLIENT_ID` -- Google OAuth client ID. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
-- `MICROSOFT_CLIENT_SECRET` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
-- `MICROSOFT_ISSUER` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
+- `MICROSOFT_CLIENT_ID` -- Microsoft OAuth client ID. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
+- `MICROSOFT_CLIENT_SECRET` -- Microsoft OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
+- `MICROSOFT_ISSUER` -- Microsoft tenant ID or issuer. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- `MICROSOFT_CLIENT_ID` -- Google OAuth client ID. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_CLIENT_SECRET` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_ISSUER` -- Google OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_CLIENT_ID` -- Microsoft OAuth client ID. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_CLIENT_SECRET` -- Microsoft OAuth client secret. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
- `MICROSOFT_ISSUER` -- Microsoft tenant ID or issuer. More info [here](https://authjs.dev/getting-started/providers/microsoft-entra-id)
🤖 Prompt for AI Agents 
In README.md around lines 177 to 179, the descriptions for MICROSOFT_CLIENT_ID,
MICROSOFT_CLIENT_SECRET, and MICROSOFT_ISSUER incorrectly mention "Google OAuth"
instead of "Microsoft" or "Azure". Update these descriptions to correctly
reference Microsoft or Azure OAuth to accurately reflect the environment
variables' purpose.


Go to [Azure Portal](https://portal.azure.com/). Create a new application if necessary.

Create the [application](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/CreateApplicationBlade):

1. Register an application in [Azure Portal](https://portal.azure.com/):

1. Go to **Azure Active Directory** > **App registrations** > **New registration**.
1. Enter a name for your app.
1. Set **Supported account types** as needed (e.g., "Accounts in any organizational directory and personal Microsoft accounts").
1. In **Redirect URI**, select "Web" and enter: `http://localhost:3000/api/auth/callback/microsoft-entra-id`
1. Click **Register**.

1. Configure authentication:

1. In your app registration, go to **Authentication**.
1. Ensure the redirect URI `http://localhost:3000/api/auth/callback/microsoft-entra-id` is listed.
1. (Optional) Enable **Access tokens** and **ID tokens**.

1. Create a client secret:

1. Go to **Certificates & secrets** > **New client secret**.
1. Add a description and set an expiry.
1. Click **Add** and copy the generated value (you won't see it again).

1. Update your `.env` file:

- Set `MICROSOFT_CLIENT_ID` to the **Application (client) ID** from the app registration overview.
- Set `MICROSOFT_CLIENT_SECRET` to the value of the client secret you just created.
- Set `MICROSOFT_ISSUER` to your **Directory (tenant) ID** or use `https://login.microsoftonline.com/common/v2.0` for multi-tenant.

5. Add API permissions:

1. Go to **API permissions** > **Add a permission**.
1. Choose **Microsoft Graph** > **Delegated permissions**.
1. Add permissions such as `User.Read`, `Mail.ReadWrite`, `Mail.Send`, `offline_access`, and any others your app requires.
1. Click **Add permissions**.
1. (If needed) Click **Grant admin consent**.

1. (Optional) Add yourself as a test user:

- If your app is restricted, ensure your Microsoft account is added as a user in the Azure AD tenant.

For more details, see the [Auth.js Microsoft Entra ID provider docs](https://authjs.dev/getting-started/providers/microsoft-entra-id).

### Updating .env file with LLM parameters

Expand Down
4 changes: 4 additions & 0 deletions apps/web/.env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ GOOGLE_CLIENT_SECRET=
GOOGLE_ENCRYPT_SECRET= # openssl rand -hex 32
GOOGLE_ENCRYPT_SALT= # openssl rand -hex 16

MICROSOFT_CLIENT_ID=
MICROSOFT_CLIENT_SECRET=
MICROSOFT_TENANT_ID=

GOOGLE_PUBSUB_TOPIC_NAME="projects/abc/topics/xyz"
GOOGLE_PUBSUB_VERIFICATION_TOKEN= # Generate a random secret here: https://generate-secret.vercel.app/32

Expand Down
7 changes: 4 additions & 3 deletions apps/web/app/(app)/[emailAccountId]/assistant/page.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,10 @@ export default async function AssistantPage({
select: { id: true },
});

if (!hasRule) {
redirect(prefixPath(emailAccountId, "/assistant?onboarding=true"));
}
// FIXME: redirected too many times
// if (!hasRule) {
// redirect(prefixPath(emailAccountId, "/assistant?onboarding=true"));
// }
}

return (
Expand Down
53 changes: 53 additions & 0 deletions apps/web/app/(landing)/login/LoginForm.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,59 @@ export function LoginForm() {
</DialogContent>
</Dialog>

{/* TODO: Check the best way to filter for the waitlist users */}
<Dialog>
<DialogTrigger asChild>
<Button size="2xl">
<span className="flex items-center justify-center">
<Image
src="/images/microsoft.svg"
alt=""
width={24}
height={24}
unoptimized
/>
<span className="ml-2">Sign in with Microsoft</span>
</span>
</Button>
</DialogTrigger>
<DialogContent>
<DialogHeader>
<DialogTitle>Sign in</DialogTitle>
</DialogHeader>
<SectionDescription>
Inbox Zero{"'"}s use and transfer of information received from
Microsoft Entra ID will adhere to{" "}
<a
href="https://learn.microsoft.com/en-us/legal/microsoft-entra-privacy"
className="underline underline-offset-4 hover:text-gray-900"
>
Microsoft Entra Privacy Policy
</a>{" "}
and other applicable requirements.
</SectionDescription>
<div>
<Button
loading={loading}
onClick={() => {
setLoading(true);
signIn(
"microsoft-entra-id",
{
...(next && next.length > 0
? { callbackUrl: next }
: { callbackUrl: "/welcome" }),
},
error === "RequiresReconsent" ? { consent: true } : undefined,
);
}}
>
I agree
</Button>
</div>
</DialogContent>
</Dialog>

<Button
color="white"
size="2xl"
Expand Down
3 changes: 3 additions & 0 deletions apps/web/env.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,15 @@
import { createEnv } from "@t3-oss/env-nextjs";
import { z } from "zod";

export const env = createEnv({

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-find-snippets.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-extract-knowledge.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/logger.ts:3:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-extract-from-email-history.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/logger.ts:3:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-example-matches.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-diff-rules.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-detect-recurring-pattern.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-create-group.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-choose-rule.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-choose-args.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/logger.ts:3:1

Check failure on line 5 in apps/web/env.ts

View workflow job for this annotation

GitHub Actions / test

__tests__/ai-categorize-senders.test.ts 

Error: Invalid environment variables
 ❯ onValidationError ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:54:9
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-core@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-core/dist/src-Bb3GbGAa.js:59:28
 ❯ createEnv ../../node_modules/.pnpm/@t3-oss+env-nextjs@0.13.6_typescript@5.8.3_zod@3.25.46/node_modules/@t3-oss/env-nextjs/dist/index.js:16:9
 ❯ env.ts:5:20
 ❯ utils/llms/index.ts:15:1
server: {
NODE_ENV: z.enum(["development", "production", "test"]),
DATABASE_URL: z.string().url(),
NEXTAUTH_SECRET: z.string().min(1),
NEXTAUTH_URL: z.string().optional(),
MICROSOFT_CLIENT_ID: z.string().min(1),
MICROSOFT_CLIENT_SECRET: z.string().min(1),
MICROSOFT_ISSUER: z.string().default("common"),
Comment on lines +11 to +13
Copy link
Contributor

@coderabbitai coderabbitai bot Jun 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Address inconsistency between environment variable names.

There's a naming inconsistency: .env.example defines MICROSOFT_TENANT_ID but the validation schema uses MICROSOFT_ISSUER. This could confuse users during setup.

Please clarify:

  1. Should both files use the same variable name?
  2. Is MICROSOFT_ISSUER with default "common" intended for multi-tenant support?

🏁 Script executed:

#!/bin/bash
# Check for Microsoft environment variable usage across the codebase
echo "Searching for Microsoft environment variable usage..."
rg -A 2 -B 2 "MICROSOFT_(CLIENT_ID|CLIENT_SECRET|TENANT_ID|ISSUER)"

Length of output: 2859

🏁 Script executed:

#!/bin/bash
# Locate .env.example files and check for MICROSOFT_TENANT_ID usage
echo "Locating .env.example files..."
find . -type f -name ".env.example"
echo

echo "Searching for MICROSOFT_TENANT_ID in .env.example files..."
for file in $(find . -type f -name ".env.example"); do
  echo "File: $file"
  grep -n "MICROSOFT_TENANT_ID" "$file" || echo "  → No occurrences found in $file"
done

Length of output: 1224

Standardize Microsoft tenant environment variable naming

There’s an inconsistency between your validation schema and example files:

  • apps/web/env.ts expects MICROSOFT_ISSUER (with a default of "common")
  • apps/web/.env.example defines MICROSOFT_TENANT_ID

This can confuse users setting up Azure credentials. Please align the names across all references.

Affected locations:

  • apps/web/env.ts (lines ~11–13)
  • apps/web/.env.example (line 15)
  • README.md (all mentions of MICROSOFT_TENANT_ID or MICROSOFT_ISSUER)

Suggested diff for .env.example:

- MICROSOFT_TENANT_ID=
+ MICROSOFT_ISSUER=

And update the README so it consistently describes MICROSOFT_ISSUER (e.g. “Set MICROSOFT_ISSUER to your Directory (tenant) ID or leave as common for multi-tenant”).

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents 
In apps/web/env.ts around lines 11 to 13, the environment variable name
MICROSOFT_ISSUER is inconsistent with MICROSOFT_TENANT_ID used in
apps/web/.env.example and README.md. To fix this, rename MICROSOFT_ISSUER to
MICROSOFT_TENANT_ID in env.ts and set its default to "common" if multi-tenant
support is intended. Then, update apps/web/.env.example and README.md to
consistently use MICROSOFT_TENANT_ID, clarifying in the README that it can be
set to the Directory (tenant) ID or left as "common" for multi-tenant scenarios.

GOOGLE_CLIENT_ID: z.string().min(1),
GOOGLE_CLIENT_SECRET: z.string().min(1),
GOOGLE_ENCRYPT_SECRET: z.string(),
Expand Down
35 changes: 35 additions & 0 deletions apps/web/public/images/microsoft.svg
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading