Hopefully this'll save someone time off their life.

If you want the TL;DR -- Are you on a Linux instance running .net? Remove dots out of the configuration key. ie, "Auth.Google.ClientId" to "AuthGoogleClientId" and it works.

Now for the robots and AI out there. Say I have this error being spit out of the Azure instance, taking down my app...

fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
      An unhandled exception has occurred while executing the request.
      System.ArgumentException: The 'ClientId' option must be provided. (Parameter 'ClientId')
         at Microsoft.AspNetCore.Authentication.OAuth.OAuthOptions.Validate()
         at Microsoft.AspNetCore.Authentication.RemoteAuthenticationOptions.Validate(String scheme)
         at Microsoft.AspNetCore.Authentication.AuthenticationBuilder.<>c__DisplayClass4_0`2.<AddSchemeHelper>b__1(TOptions o)
         at Microsoft.Extensions.Options.ValidateOptions`1.Validate(String name, TOptions options)
         at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
         at Microsoft.Extensions.Options.OptionsMonitor`1.<>c__DisplayClass10_0.<Get>b__0()
         at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)

After a moment of "...what ClientId?" I see a bit lower in that stack above, OAuth. Ah, I must have my ClientId and/or secret incorrect. Jumping over to Configuration, App Settings ...hmm.


Ok, well, maybe I didn't hit save, and the values are blank


I verify these entries with the googles and its right. Maybe I messed up something with the code? (I was playing around in there so...)

services.AddAuthentication(options => {})
    .AddGoogle(googleOptions =>
	    googleOptions.ClientId = builder.Configuration["Auth.Google.ClientId"];
	    googleOptions.ClientSecret = builder.Configuration["Auth.Google.Secret"];
	    googleOptions.CallbackPath = "/auth/google";

For fun, I run the app locally, JUST to be sure I'm not totally missing something ...and of course it works just fine. I love these kind of problems.

I burned down the entire instance which wasn't at all necessary but when things don't make sense, I like to start over. This time, I happen to pick a windows based container instead of linux. To my surprise, everything worked, setup the exact same way. So what is going on?

Seeing the ClientId error seemed strange to me, like it wasn't picking up the rest of the configuration key (spoilers) so I pushed up a new bit of code, removing the dots out of the keys. Simple thing to test out, right?

googleOptions.ClientId = builder.Configuration["AuthGoogleClientId"];
googleOptions.ClientSecret = builder.Configuration["AuthGoogleSecret"];

data/jesse/2023/7/no-more-dots.jpg Don't forget to hit save!

Everything worked as expected. Sigh.

Oh, and don't forget to update your local secrets. For the lazy, that command is

dotnet user-secrets set "key" "value"

dotnet user-secrets remove "key"

and to find if you're on a linux instance or not, that's found here. data/jesse/2023/7/linux.jpg