Support linking accounts with redirect mode

[joaquim-verges]

---

PR-Codex overview

This PR introduces enhancements for account linking in the thirdweb library, particularly focusing on a new redirect mode for linking profiles. It modifies existing functions and adds new functionalities to support this flow.

Detailed summary

• Added linkProfileWithRedirect function to handle OAuth linking with redirect mode.
• Updated useLinkProfile.ts to change the query invalidation timeout from 500ms to 1000ms.
• Introduced authFlow parameter to various functions and interfaces to specify the type of authentication flow.
• Enhanced getLoginUrl to include authFlow in the redirect URL.
• Implemented handleLinkingFlow to manage the linking process after redirection.
• Updated the LinkAccount component to include a button for linking GitHub accounts using the new redirect method.
• Modified tests to account for the new authFlow parameter in getUrlToken.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

Summary by CodeRabbit

• New Features

  • Redirect-mode support for linking social accounts to in-app wallets (connect or link flows).
  • GitHub account linking via redirect added to the in-app wallet UI.
  • Auto-connect now handles redirect-based linking flows so linked profiles complete smoothly.

• Tests

  • Updated tests to include the new authFlow field in URL-token handling.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[changeset-bot]

🦋 Changeset detected

Latest commit: 17d976a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 4 packages

Name	Type
thirdweb	Patch
@thirdweb-dev/nebula	Patch
@thirdweb-dev/wagmi-adapter	Patch
wagmi-inapp	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
docs-v2	Ready	Preview, Comment	Jan 20, 2026 10:00pm
nebula	Ready	Preview, Comment	Jan 20, 2026 10:00pm
thirdweb_playground	Ready	Preview, Comment	Jan 20, 2026 10:00pm
thirdweb-www	Ready	Preview, Comment	Jan 20, 2026 10:00pm
wallet-ui	Ready	Preview, Comment	Jan 20, 2026 10:00pm

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds redirect-mode account linking: new public linkProfileWithRedirect, connector/interface updates, URL authFlow propagation and detection, a linking-specific auto-connect flow, minor UI integration, and small timing tweak for cache invalidation.

Changes

Cohort / File(s)	Summary
Release Configuration .changeset/eleven-boxes-type.md	Adds changeset documenting patch-level change: "Support linking accounts with redirect mode".
Playground UI Integration apps/playground-web/src/components/in-app-wallet/profiles.tsx	Adds linkGithub handler and "Link Github" button that initiates redirect-based linking.
Public API Exports packages/thirdweb/src/exports/wallets/in-app.ts	Exports new linkProfileWithRedirect from in-app wallet auth module.
Connector Interface packages/thirdweb/src/wallets/in-app/core/interfaces/connector.ts	Adds optional linkProfileWithRedirect?(strategy, mode?, redirectUrl?): Promise<void> to InAppConnector.
Web Auth Implementation packages/thirdweb/src/wallets/in-app/web/lib/auth/index.ts, packages/thirdweb/src/wallets/in-app/web/lib/web-connector.ts	Adds linkProfileWithRedirect function and connector method; linkProfile detects redirect-mode social auth and delegates to redirect flow.
OAuth & URL Handling packages/thirdweb/src/wallets/in-app/web/lib/auth/oauth.ts, packages/thirdweb/src/wallets/in-app/web/lib/get-url-token.ts, packages/thirdweb/src/wallets/in-app/core/authentication/getLoginPath.ts	Adds `authFlow?: "connect"
Auto-connect & Linking Flow packages/thirdweb/src/wallets/connection/autoConnectCore.ts	Adds handleLinkingFlow to auto-connect stored wallet credentials and call linkAccount when URL token authFlow === "link", and integrates early-return linking path in _autoConnectCore.
Cache / Hook Tweak packages/thirdweb/src/react/web/hooks/wallets/useLinkProfile.ts	Increases profiles query invalidation delay on success from 500ms to 1000ms.
Tests packages/thirdweb/src/wallets/in-app/web/lib/get-url-token.test.tsx	Updates expectations to include authFlow (null) in returned token object where applicable.

sequenceDiagram
    participant User as User
    participant UI as Playground UI
    participant Auth as In-App Auth
    participant Connector as Web Connector
    participant OAuth as OAuth Provider
    participant Wallet as In-App Wallet

    User->>UI: Click "Link Github"
    UI->>Auth: call linkProfile(strategy: "github", mode: "redirect")
    Auth->>Connector: linkProfile(...)
    Connector->>Connector: detect redirect-mode social auth
    Connector->>OAuth: loginWithOauthRedirect(authFlow: "link")
    OAuth->>User: redirect to provider
    User->>OAuth: authenticate
    OAuth->>Auth: redirect back with authFlow=link in URL
    Auth->>Auth: getUrlToken() extracts authFlow
    Auth->>Auth: handleLinkingFlow() (auto-connect stored wallet)
    Auth->>Wallet: linkAccount(token) using ClientScopedStorage
    Wallet->>UI: trigger onConnect / update state

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~27 minutes

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 71.43% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	The PR description includes a PR-Codex overview with detailed summary of changes, but the template sections (issue tag, notes for reviewer, how to test) are left as comments and not filled out.	Add the Linear issue tag (TEAM-0000 format), fill out 'Notes for the reviewer' section with important callouts, and provide explicit testing instructions beyond the auto-generated summary.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and concisely describes the main objective of the PR: adding support for linking accounts with redirect mode.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)

• TEAM-0000: Entity not found: Issue - Could not find referenced Issue.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[joaquim-verges]

• Support linking accounts with redirect mode #8643 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge-queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[github-actions]

size-limit report 📦

Path	Size
@thirdweb-dev/nexus (esm)	105.66 KB (0%)
@thirdweb-dev/nexus (cjs)	319.47 KB (0%)

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/thirdweb/src/exports/wallets/in-app.ts (1)

79-88: Add required public TSDoc for linkProfileWithRedirect.
Please ensure the exported symbol’s source definition includes comprehensive TSDoc with an @example and a custom annotation tag. As per coding guidelines, ...

🤖 Fix all issues with AI agents

In `@apps/playground-web/src/components/in-app-wallet/profiles.tsx`:
- Around line 94-101: Update the button label text to use the correct “GitHub”
capitalization: in the component rendering the Button (the Button instance with
props className="rounded-full p-6", disabled={isPending}, onClick={linkGithub},
variant="default"), change the display text from "Link Github" to "Link GitHub"
so the UI copy uses the proper brand capitalization.

In `@packages/thirdweb/src/wallets/connection/autoConnectCore.ts`:
- Around line 282-305: The active wallet selection currently always uses
storedActiveWalletId; update the logic in autoConnectCore so it prefers the
redirect-provided urlToken.walletId (if present) and only falls back to
storedActiveWalletId, i.e. derive a selectedWalletId = urlToken.walletId ||
storedActiveWalletId and then find or create the active wallet using
wallets.find((w) => w.id === selectedWalletId) ||
createWalletFn(selectedWalletId); keep existing behavior for authProvider and
storage checks unchanged.

In `@packages/thirdweb/src/wallets/in-app/web/lib/web-connector.ts`:
- Around line 470-483: The method linkProfileWithRedirect currently leaves mode
undefined which causes loginWithOauthRedirect to default to opening a window;
change linkProfileWithRedirect so mode defaults to "redirect" (either via its
parameter default or by passing mode ?? "redirect" into the call) so that
loginWithOauthRedirect is invoked with mode set to "redirect"; update the
function signature or the call site where linkProfileWithRedirect calls
loginWithOauthRedirect (referencing linkProfileWithRedirect and
loginWithOauthRedirect) to ensure redirect is the default behavior.

🧹 Nitpick comments (2)

packages/thirdweb/src/wallets/in-app/core/authentication/getLoginPath.ts (1)

18-57: Add an explicit return type for getLoginUrl.

This keeps the API surface consistent with TS style requirements.

♻️ Suggested fix

-export const getLoginUrl = ({
+export const getLoginUrl = ({
   authOption,
   client,
   ecosystem,
   mode = "popup",
   redirectUrl,
   authFlow,
 }: {
@@
-}) => {
+}): string => {

As per coding guidelines, please keep explicit return types in TS.

packages/thirdweb/src/wallets/in-app/web/lib/auth/index.ts (1)

219-237: Add an explicit return type for linkProfileWithRedirect.

Keeps the exported API consistent and avoids implicit inference for public SDK functions.

♻️ Suggested fix

-export async function linkProfileWithRedirect(
+export async function linkProfileWithRedirect(
   args: Omit<SocialAuthArgsType, "mode"> & {
     client: ThirdwebClient;
     ecosystem?: Ecosystem;
     mode?: "redirect" | "window";
   },
-) {
+): Promise<void> {

As per coding guidelines, please keep explicit return types in TS.

[codecov]

Codecov Report

❌ Patch coverage is 4.34783% with 154 lines in your changes missing coverage. Please review.
✅ Project coverage is 52.88%. Comparing base (93bcdc5) to head (17d976a).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
...thirdweb/src/wallets/connection/autoConnectCore.ts	0.91%	107 Missing and 1 partial ⚠️
...irdweb/src/wallets/in-app/web/lib/web-connector.ts	6.89%	27 Missing ⚠️
.../thirdweb/src/wallets/in-app/web/lib/auth/index.ts	0.00%	15 Missing ⚠️
...wallets/in-app/core/authentication/getLoginPath.ts	25.00%	3 Missing ⚠️
.../thirdweb/src/wallets/in-app/web/lib/auth/oauth.ts	0.00%	1 Missing ⚠️

❌ Your patch status has failed because the patch coverage (4.34%) is below the target coverage (80.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8643      +/-   ##
==========================================
- Coverage   53.01%   52.88%   -0.13%     
==========================================
  Files         932      932              
  Lines       62355    62515     +160     
  Branches     4103     4105       +2     
==========================================
+ Hits        33057    33063       +6     
- Misses      29199    29352     +153     
- Partials       99      100       +1     

Flag	Coverage Δ
packages	52.88% <4.34%> (-0.13%)	⬇️

Files with missing lines	Coverage Δ
...irdweb/src/wallets/in-app/web/lib/get-url-token.ts	100.00% <100.00%> (ø)
.../thirdweb/src/wallets/in-app/web/lib/auth/oauth.ts	4.95% <0.00%> (-0.05%)	⬇️
...wallets/in-app/core/authentication/getLoginPath.ts	50.81% <25.00%> (-1.82%)	⬇️
.../thirdweb/src/wallets/in-app/web/lib/auth/index.ts	1.05% <0.00%> (-0.20%)	⬇️
...irdweb/src/wallets/in-app/web/lib/web-connector.ts	45.26% <6.89%> (-2.76%)	⬇️
...thirdweb/src/wallets/connection/autoConnectCore.ts	48.17% <0.91%> (-31.22%)	⬇️

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.