# `PhoenixKitWeb.Plugs.EnsureOAuthScheme`
[🔗](https://github.com/BeamLabEU/phoenix_kit/blob/v1.7.165/lib/phoenix_kit_web/plugs/ensure_oauth_scheme.ex#L1)

Ensures correct HTTPS scheme for OAuth callback URL generation behind reverse proxies.

This plug checks (in order):
1. `X-Forwarded-Proto` header (nginx/apache standard)
2. Explicit `:phoenix_kit, :oauth_base_url` config
3. Endpoint URL configuration

## Usage

Automatically included in OAuth controller. No manual setup required.

## Configuration (Optional)

For edge cases where headers aren't available:

    config :phoenix_kit,
      oauth_base_url: "https://example.com"

# `call`

# `init`

---

*Consult [api-reference.md](api-reference.md) for complete listing*