Skip to main content
This guide walks you through configuring X OAuth for your app’s authentication. Your app’s users will be able to sign in with their X accounts.

Prerequisites

  • A published Replit app (you need a deployment URL like your-app.replit.app)
  • An X Developer account (free tier available)

Step 1: Publish your app

Before configuring custom OAuth credentials, you need a published deployment URL. You’ll need the URL when setting up your custom X credentials.
  1. Publish your app from the Replit workspace
  2. Note your published URL (e.g., https://your-app.replit.app)

Step 2: Set up X Developer app

Create a developer account (if needed)

  1. Navigate to X Developer Portal
  2. Apply for a developer account if you don’t have one
  3. Complete the application describing your use case

Create or select an app

  1. In the X Developer Portal, go to Projects & Apps
  2. Use an existing app or select Add App
  3. Enter an app name and select Next
  4. Select App settings

Step 3: Configure authentication

  1. Scroll to User authentication settings
  2. Select Set up
App permissions: Select minimum permission level:
  • Read - Required for user profile (minimum)
  • Write - For posting on behalf of users (optional)
  • Direct Messages - For DM access (optional)
Permissions must match scopes requested. If your app requests tweet.write but you only enabled Read, authentication will fail.
Type of app: Select Web App, Automated App or Bot App info:
  • Callback URI / Redirect URL: The callback URI is your published domain followed by /__clerk/v1/oauth_callback. Enter the following, replacing your-app.replit.app with your actual published domain: 
    https://your-app.replit.app/__clerk/v1/oauth_callback
  • Website URL: Your published app URL: 
    https://your-app.replit.app
  1. Select Save
  2. Save your Client ID and Client Secret
Store your Client Secret securely. If lost, regenerating it invalidates the old one.

Step 4: Enter credentials in Replit

  1. In your Repl, navigate to the Auth pane
  2. Select the Configure tab
  3. Select Production environment
  4. Select the Edit button next to X
  5. Toggle on Use custom credentials
  6. Paste your Client ID and Client Secret
  7. Select Save changes
  8. Toggle X to Enabled

Step 5: Test your integration

  1. Open your published app’s login page
  2. Select Sign in with X
  3. Authorize the app on X
  4. Verify successful authentication

Troubleshooting

Redirect URI mismatch

  • Verify the Callback URI is exactly https://your-app.replit.app/__clerk/v1/oauth_callback
  • Check for typos or incorrect protocols
  • No trailing slashes

Invalid client

  • Double-check Client ID and Client Secret
  • Ensure no extra spaces
  • Verify you are using OAuth 2.0 credentials (not OAuth 1.0a)

Scope/permission errors

  • Verify scopes match permissions enabled in X Developer Portal
  • Ensure Read permission is enabled at minimum

App in development mode

  • X apps start in development mode with limited users
  • You may need to apply for elevated access for production use

Not working on custom domain

  • Update the Website URL in your X app settings to your custom domain
  • Update the Callback URI to https://your-custom-domain.com/__clerk/v1/oauth_callback
  • Republish your app

Additional resources