feat(oauth): pre-select project on consent screen via team_id hint #66383
Let an authorize URL carry a `team_id` so the consent screen pre-selects that project once the user's teams load (e.g. the wizard's --project-id). Honored only for project-level consent and only when the user has access to that team; otherwise ignored. The user still explicitly clicks Authorize, and team membership is enforced server-side on submit.

Generated-By: PostHog Code
Task-Id: db71c482-9c12-4f75-af93-fa23836280e5
| // A team_id hint from the authorize URL (e.g. the wizard's --project-id) wins: | ||
| // pre-select that project and its org so the user just clicks Authorize. We only | ||
| // honor it if the user actually has access to that team (it's in their loaded | ||
| // teams); otherwise fall through to the normal default. | ||
| const teams = values.sortedTeams | ||
| if (values.teamHint && teams && values.requiredAccessLevel === 'team') { | ||
| const hinted = teams.find((t) => t.id === values.teamHint) | ||
| if (hinted) { | ||
| actions.setSelectedOrganization(hinted.organization, hinted.id) | ||
| return | ||
| } | ||
| } |
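Review bot: `teams.find((t) => t.id === values.teamHint)` uses strict equality, and a `team_id` read from the authorize URL's query string arrives as a string, so unless `urlToAction` or `setTeamHint` coerces it to a number before it lands in the reducer, `hinted` is always undefined and the hint silently falls through to the default. Suggest parsing it once where it is read from the URL (e.g. `Number(team_id)` guarded by `Number.isInteger`) so `teamHint` holds the same type as `t.id`, and reject anything non-numeric there rather than letting it reach the comparison.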
nit: What if this runs before urlToAction? Sounds unlikely, but it means this wouldn't work. Probably fine.
Good catch to flag it. It's actually safe by construction: loadAllTeams is only ever dispatched from handleAuthorize itself (right after setTeamHint/setRequiredAccessLevel) or from createNewProject, both of which run after urlToAction, so loadAllTeamsSuccess can't fire before the hint is set.
That said, checking this surfaced a real adjacent issue: createNewProject re-fires loadAllTeamsSuccess, and since the hint persisted in the reducer it would briefly fight the user's freshly-created project. Fixed by consuming the hint once (clear it after applying), which also makes the whole thing robust to ordering. Same commit collapses the shadowed teams binding Greptile flagged.
Address review: collapse the redundant inner `teams` declaration, and clear the team hint after applying it so it can't re-fire and override a later manual project change or a project created on the consent screen (both also trigger loadAllTeamsSuccess).

Generated-By: PostHog Code
Task-Id: db71c482-9c12-4f75-af93-fa23836280e5
Problem

When a CLI like the `@posthog/wizard` kicks off OAuth to instrument a specific project, it can pass `--project-id`, but the OAuth consent screen ignores it — the user has to manually pick the right project from a dropdown. That's the main friction point in the MCP analytics "magical onboarding": we tell the user which project to choose instead of just pre-selecting it.

Changes

Lets an authorize URL carry an optional `team_id` query param. Once the user's teams load on the consent screen, we pre-select that project (and its org) so the user just clicks Authorize.

Guardrails:

- Honored only for project-level consent (`required_access_level=project`).
- Honored only when the user actually has access to that team (it is among their loaded teams); otherwise the hint is ignored.
- The user still explicitly clicks Authorize, and team membership is still enforced server-side on submit (`validate_scoped_teams`), which is unchanged.

The mechanism reuses the existing `setSelectedOrganization(orgId, preferredTeamId)` path that already auto-selects a preferred team; the only new wiring is reading the URL hint and holding it across the async team load.

This is additive and safe to ship alone: it does nothing unless an authorize URL includes `team_id`, which only an updated wizard sends.

How did you test this code?

I'm an agent (PostHog Code). Automated checks run:

- `oxlint` clean on the changed file.
- `oauthAuthorizeLogic` typegen (`typegen:file`, `--show-ts-errors`) with no type errors, confirming the new `setTeamHint` action / `teamHint` reducer wiring is consistent.

Not manually tested in a browser. Suggested manual check: open `/oauth/authorize?...&required_access_level=project&team_id=<a project you belong to>` and confirm that project is pre-selected; confirm a `team_id` you don't belong to is ignored.

🤖 Agent context

Autonomy: Human-driven (agent-assisted)

Built with PostHog Code at Lucas's direction, as part of the MCP analytics onboarding work. An exploration agent mapped the OAuth consent flow (`posthog/api/oauth/views.py`, `oauthAuthorizeLogic.ts`, `OAuthAuthorize.tsx`) and confirmed the `preferredTeamId` machinery already existed, so the change is small and frontend-only — no backend/serializer/token changes needed.

Decisions: chose pure pre-selection over "locking" the picker (simpler, and the user can still see/change the project before authorizing); gated the hint to project-level consent to avoid side effects on org-level grants; relied on the existing server-side membership validation rather than adding a redundant check.

Pairs with a wizard change that sends `team_id` and honors `--project-id` post-OAuth (separate PR), and the MCP analytics install command now emits `--project-id` (#66237).

Created with PostHog Code
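The pre-selection described under Changes, together with the consume-once fix from the review thread, as an added TypeScript example. This is not PostHog's code and not taken from `oauthAuthorizeLogic`; `Team`, `ConsentState`, `parseTeamHint`, `resolveTeamHint`, `onTeamsLoaded`, the sample teams, and the internal `'team'` access-level value standing for `required_access_level=project` are all assumptions made for the example. It goes slightly beyond the PR by parsing the query-string hint into a number up front and by modelling what the reducer does when the hint is ignored.

```typescript
// Added example (not PostHog's code): a pure model of the consent-screen
// pre-selection described in the PR. All names here are assumed, not
// identifiers from oauthAuthorizeLogic.

type AccessLevel = 'organization' | 'team' // 'team' stands for required_access_level=project (assumption)

interface Team {
    id: number
    name: string
    organization: string // organization id
}

interface Selection {
    organizationId: string
    teamId: number
}

interface ConsentState {
    teamHint: number | null
    selection: Selection | null
    requiredAccessLevel: AccessLevel
}

// The wizard sends team_id as a query-string value, so it arrives as a string.
// Coerce it to a number once, up front, so it compares with Team.id by ===;
// anything that is not a plain integer becomes null and can never match.
export function parseTeamHint(search: string): number | null {
    const raw = new URLSearchParams(search).get('team_id')
    if (raw === null || !/^\d+$/.test(raw)) {
        return null
    }
    return Number(raw)
}

// Guardrails from the PR: honor the hint only for project-level consent and
// only when the hinted team is among the teams the user actually has access to.
export function resolveTeamHint(hint: number | null, teams: Team[] | null, level: AccessLevel): Selection | null {
    if (hint === null || !teams || level !== 'team') {
        return null
    }
    const hinted = teams.find((t) => t.id === hint)
    return hinted ? { organizationId: hinted.organization, teamId: hinted.id } : null
}

// Models what happens when the teams finish loading. The hint is consumed on
// the first load whether or not it applied, so a later reload (for example
// after the user creates a project on the consent screen) cannot override
// the selection the user now has.
export function onTeamsLoaded(state: ConsentState, teams: Team[]): ConsentState {
    const fromHint = resolveTeamHint(state.teamHint, teams, state.requiredAccessLevel)
    if (fromHint) {
        return { ...state, teamHint: null, selection: fromHint }
    }
    // Normal default (assumed here): keep an existing selection, else the first loaded team.
    const first = teams.length > 0 ? teams[0] : null
    const fallback = state.selection ?? (first ? { organizationId: first.organization, teamId: first.id } : null)
    return { ...state, teamHint: null, selection: fallback }
}

// Constructed sample teams for the walk-through below.
export const SAMPLE_TEAMS: Team[] = [
    { id: 1, name: 'web', organization: 'org-a' },
    { id: 2, name: 'mobile', organization: 'org-a' },
]

// Walk-through: the wizard's hint selects team 2; the user then creates a
// project (id 3) on the consent screen, which re-fires the team load. Because
// the hint was consumed, the new project stays selected.
export function walkthrough(): Selection | null {
    let state: ConsentState = {
        teamHint: parseTeamHint('?required_access_level=project&team_id=2'),
        selection: null,
        requiredAccessLevel: 'team',
    }
    state = onTeamsLoaded(state, SAMPLE_TEAMS)
    const created: Team = { id: 3, name: 'docs', organization: 'org-a' }
    // Creating a project selects it, then the team list reloads.
    state = { ...state, selection: { organizationId: created.organization, teamId: created.id } }
    state = onTeamsLoaded(state, [...SAMPLE_TEAMS, created])
    return state.selection
}

console.log(walkthrough())
```

Parsing the hint to a number at the URL boundary keeps the reducer's `teamHint` the same type as `Team.id`, so the strict-equality lookup cannot silently miss; clearing the hint on the first team load (applied or not) is what keeps a later `createNewProject` reload from reverting the user's choice.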