Skip to content

feat(auth): multi-account OAuth support with auto-relogin#11832

Open
mguttmann wants to merge 1 commit intoanomalyco:devfrom
mguttmann:feat/oauth-multi-account
Open

feat(auth): multi-account OAuth support with auto-relogin#11832
mguttmann wants to merge 1 commit intoanomalyco:devfrom
mguttmann:feat/oauth-multi-account

Conversation

@mguttmann
Copy link

@mguttmann mguttmann commented Feb 2, 2026

Summary

  • Add support for multiple OAuth accounts per provider with automatic credential rotation
  • Implement browser-based auto-relogin for expired tokens using Puppeteer
  • Track per-request credentials with AsyncLocalStorage context

Closes #11830

Changes

Backend

File Description
auth/index.ts Multi-record OAuth store (add/remove/list accounts)
auth/rotating-fetch.ts Automatic failover on rate limits or auth failures
auth/browser.ts Puppeteer-based session management for auto-relogin
auth/credential-manager.ts Event-driven failover notifications
auth/context.ts AsyncLocalStorage for per-request credential tracking
config/config.ts oauth config block (cooldowns, retries, max attempts)
cli/cmd/auth.ts Browser session management CLI commands
server/routes/provider.ts Account CRUD, usage, browser session API endpoints
server/server.ts Root-level auth routes
provider/provider.ts Rotating-fetch integration

Frontend

File Description
settings-providers.tsx Manage accounts, set active, view usage
session-context-tab.tsx Show active account per session
dialog-settings.tsx Settings tabs structure

SDK

  • Regenerated from server routes with all new endpoints

@github-actions
Copy link
Contributor

github-actions bot commented Feb 2, 2026

The following comment was made by an LLM, it may be inaccurate:

Potential Duplicate PRs Found

  1. feat(auth): OAuth Marathon - multi-account credential rotation (feat(auth): OAuth Marathon - multi-account credential rotation #8590)

  2. feat(openai-oauth) OpenAI OAuth multi account support (feat(openai-oauth) OpenAI OAuth multi account support #8536)

  3. feat(usage): unified usage tracking with auth refresh ([FEATURE] Add unified usage tracking via /usage (#9545) #9281) (feat(usage): unified usage tracking with auth refresh (#9281) #9545)

I'd recommend reviewing #8590 most closely as it appears to address the same multi-account credential rotation feature set.

@mguttmann mguttmann mentioned this pull request Feb 2, 2026
Open
@mguttmann
Copy link
Author

mguttmann commented Feb 2, 2026

Thanks for the duplicate analysis! Here's how this PR compares to the flagged ones:

PR Status Comparison
#8590 (OAuth Marathon) Open Similar goal. This PR builds on that concept with additional features: Puppeteer-based auto-relogin for expired tokens, AsyncLocalStorage per-request credential context, event-driven failover via credential-manager, and a complete Settings UI for managing accounts
#8536 (OpenAI multi-account) Open OpenAI-specific. This PR is provider-agnostic — works with any OAuth provider, not just OpenAI
#9545 (usage tracking + auth refresh) Open Partial overlap on auth refresh. This PR has a dedicated browser.ts (828 lines) for full browser session management, not just token refresh

Key differentiators of this PR:

  • 🔄 rotating-fetch.ts — Automatic failover with configurable cooldowns, retries, and max attempts
  • 🌐 browser.ts — Puppeteer-based auto-relogin for expired tokens (no manual re-auth needed)
  • 📊 Full account management UI in Settings (add/remove accounts, set active, view usage)
  • 🧵 auth/context.ts — AsyncLocalStorage for per-request credential tracking
  • ⚙️ oauth config block with tunable rotation parameters

This is a clean split from the closed #9972 — focused solely on multi-account + auto-relogin (YOLO mode is in separate PR #11833).

This was referenced Feb 2, 2026
Open
Open
Open
@mguttmann
Copy link
Author

mguttmann commented Feb 2, 2026

image

@mguttmann
Copy link
Author

mguttmann commented Feb 2, 2026

image

@dan-myles
Copy link

dan-myles commented Feb 2, 2026

YO I NEED THIS

@mguttmann
Copy link
Author

mguttmann commented Feb 2, 2026

Thanks! 🙌 If you want to try it now, you can build from the branch — it's fully working and all CI checks pass.

@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch 2 times, most recently from bd271d0 to 050f2c4 Compare February 2, 2026 22:47
@NotFiliberto
Copy link

NotFiliberto commented Feb 2, 2026

i need this too

@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch from 050f2c4 to a02099f Compare February 3, 2026 08:30
@NotFiliberto
Copy link

NotFiliberto commented Feb 3, 2026

any change to have this merged in the main branch?

@mguttmann
Copy link
Author

mguttmann commented Feb 4, 2026

Hey @NotFiliberto — I'd love to see it merged too! It's up to the OpenCode maintainers at this point. CI is green, the feature is complete, and it's been working well in my daily builds. Currently waiting on developer feedback / review. Fingers crossed! 🤞

@kfiramar
Copy link

kfiramar commented Feb 4, 2026
edited
Loading

That'd be extremely helpful

@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch 4 times, most recently from 82b0f3c to a0c9ca0 Compare February 5, 2026 09:38
@MiasmaAnagnorisis
Copy link

MiasmaAnagnorisis commented Feb 5, 2026

Thank you for implementing this! Really appreciate having legitimate multi-account OAuth rotation without needing workarounds.

@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch 4 times, most recently from b2d82c0 to 484e508 Compare February 6, 2026 21:01
@rkdxodud-tyk
Copy link

rkdxodud-tyk commented Feb 7, 2026

Oh i need this

@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch from 484e508 to 5f1e987 Compare February 7, 2026 23:31
feat(auth): multi-account OAuth support with auto-relogin
677c90d 
Add support for multiple OAuth accounts per provider with automatic
credential rotation and browser-based session management.

- Multi-account store: track multiple OAuth records per provider
- Credential rotation: automatically failover to next account on
  rate limits or auth failures (rotating-fetch)
- Browser sessions: Puppeteer-based auto-relogin for expired tokens
- Credential manager: event-driven failover notifications
- AsyncLocalStorage auth context for per-request credential tracking
- Provider settings UI: manage accounts, set active, view usage
- Session context tab: show which account is active per session
- Config: oauth rotation settings (cooldowns, retries, max attempts)
- CLI: browser session management commands
- Server routes: account CRUD, usage, browser session endpoints
- SDK: regenerated with all new multi-account endpoints
@mguttmann mguttmann force-pushed the feat/oauth-multi-account branch from 5f1e987 to 677c90d Compare February 8, 2026 13:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adamdotdevin adamdotdevin Awaiting requested review from adamdotdevin adamdotdevin is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat: Multi-Account OAuth Support with Auto-Relogin

6 participants

@mguttmann @dan-myles @NotFiliberto @kfiramar @MiasmaAnagnorisis @rkdxodud-tyk