Use case:
Users authenticate with Google via zkLogin, generate a zkLogin proof, and mint their Digital Twin/agent on Sui Testnet for the Sui Overflow hackathon.
Please let me know if you need my redirect URI, deployed app URL, package ID, or any other project details.
Hey, the hosted Mysten prover (prover dot mystenlabs dot com) only accepts a fixed set of allowlisted client IDs, so any other Google OAuth client ID hits exactly that “audience not supported” error. It isn’t allowlisted per-project for the public testnet prover.
Two ways to unblock yourself for the hackathon:
Enoki (Mysten’s managed zkLogin service). You register your own Google OAuth client ID in the Enoki portal and it handles proving for you, so there’s no audience restriction. Easiest path for a hackathon app.
Self-host the prover. Run the Mysten zkLogin prover Docker image in your backend and point your app at it instead of the hosted endpoint. Since you control it, your client ID works with no allowlist needed.
For testnet on a hackathon timeline I’d go with Enoki. If you specifically need the hosted prover allowlisted, that’s a Mysten-side call and I can flag it internally, but Enoki or self-hosting will get you moving faster.