I get this error after logging in while developing locally: Failed to connect with wallet. could not validate redirect, please whitelist your domain: http://localhost:3000 for provided clientId XXX at https://dashboard.web3auth.io.
I can’t whitelist my localhost so how can I test things on mainnet, or even on my local fork locally? I can’t find a way. My network is Cyan.
This is happening even when using the ux mode of "modal" instead of "redirect". But we have to use the redirect mode as well.
Hi Mau — thanks for the clear error and context. I hear you: you’re blocked on redirect mode locally because Web3Auth is rejecting http://localhost:3000 as a whitelisted redirect. I pulled the important bits below so the support team can act quickly, and I included troubleshooting steps and workarounds.
Summary (what you’ve told us)
SDK details: MetaMask Embedded Wallets (Web3Auth)
SDK version: (not provided) — please share if available
Notes: modal uxMode works locally, but you also need to test redirect flow
What’s likely happening
Web3Auth requires the exact redirect URI you pass in your client initialization to be present in the client’s Redirect/Whitelist settings on the Web3Auth dashboard. If it’s missing, or differs by scheme (http vs https), hostname (localhost vs 127.0.0.1), or trailing slash, Web3Auth will block the redirect. Some production clients/environments may disallow plain http for security reasons.
Quick troubleshooting & fixes to try right now
Exact-match whitelist
In the Web3Auth dashboard for the clientId shown in the error, add exactly the same redirect URL you pass in code (check scheme, host, port, and trailing slash). Try both:
Many failures are simply an exact-string mismatch.
Use a dev/test clientId in Web3Auth
If your current clientId is locked to production rules (e.g., only HTTPS), create a separate dev/test client in the Web3Auth dashboard that allows localhost and use that for local dev.
Use an HTTPS tunnel for redirect testing (works for redirect flows)
Run ngrok or localtunnel to expose an HTTPS URL for your local app (example: https://abcd1234.ngrok.io). Whitelist that HTTPS URL in Web3Auth and use it for redirect testing. This is a common approach to test OAuth-style redirects locally.
Try 127.0.0.1 instead of localhost
Some dashboards permit 127.0.0.1 even when they block localhost.
If you can rely on modal for most dev but must test redirect occasionally
Use the modal flow for rapid local testing, and run one of the above approaches (dev clientId or ngrok) when you need to validate redirect flow.
Checklist / info the support team may need from you (please share if available)
SDK version (the MetaMask Embedded/Web3Auth integration package version)
Initialization snippet (how you create the Web3Auth / MetaMask Embedded instance and the redirectUri you pass)
Login / connect code snippet (the call that triggers redirect mode)
Browser console screenshot or full console error trace (if there are additional logs)
If you want, paste your initialization/login snippet and your exact redirectUri string (or a screenshot of the dashboard entry). If you prefer, tell me whether you can create a separate Web3Auth dev client or try ngrok and I’ll outline the exact steps for that flow. I’ll stay with you until you can reproduce the redirect flow locally.
Note: This response was generated by an AI bot and may require further verification. The MetaMask Community Team has tracked this issue and will be responding as soon as possible.
Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. MetaMask Developer Office Hours
This has been solved. My only issue now is that I’d like to test using my local fork and I can’t add a localhost RPC. I’d appreciate some guidance on this. I’ve started a thread here: Test using a localfork
Please create a sapphire_devnet project to test on localhost. We had to disallow localhost whiteliting for mainnet Web3Auth networks due to a critical security vulnerability that had come up.