diff --git a/apps/user/public/oauth/google/index.html b/apps/user/public/oauth/google/index.html
new file mode 100644
index 0000000..2961fd0
--- /dev/null
+++ b/apps/user/public/oauth/google/index.html
@@ -0,0 +1,28 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>OAuth Redirect</title>
+    <meta http-equiv="refresh" content="0; url=/#/auth" />
+    <script>
+      (function () {
+        try {
+          // Providers redirect to a path without URL fragments (#). Our app uses hash routing.
+          // Bridge /oauth/<provider>[/]?... -> /#/oauth/<provider>?...
+          var path = window.location.pathname || "/";
+          // Normalize trailing slash so /oauth/google/ and /oauth/google both map to the same route.
+          path = path.replace(/\/$/, "");
+          var search = window.location.search || "";
+          var target = "/#" + path + search;
+          window.location.replace(target);
+        } catch (e) {
+          window.location.replace("/#/auth");
+        }
+      })();
+    </script>
+  </head>
+  <body>
+    Redirecting…
+  </body>
+</html>
diff --git a/apps/user/public/oauth/telegram/index.html b/apps/user/public/oauth/telegram/index.html
new file mode 100644
index 0000000..82deea9
--- /dev/null
+++ b/apps/user/public/oauth/telegram/index.html
@@ -0,0 +1,27 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>OAuth Redirect</title>
+    <meta http-equiv="refresh" content="0; url=/#/auth" />
+    <script>
+      (function () {
+        try {
+          // Providers redirect to a path without URL fragments (#). Our app uses hash routing.
+          // Bridge /oauth/<provider>[/]?... -> /#/oauth/<provider>?...
+          var path = window.location.pathname || "/";
+          path = path.replace(/\/$/, "");
+          var search = window.location.search || "";
+          var target = "/#" + path + search;
+          window.location.replace(target);
+        } catch (e) {
+          window.location.replace("/#/auth");
+        }
+      })();
+    </script>
+  </head>
+  <body>
+    Redirecting…
+  </body>
+</html>
diff --git a/apps/user/src/sections/auth/oauth-methods.tsx b/apps/user/src/sections/auth/oauth-methods.tsx
index 96548bd..b1e6595 100644
--- a/apps/user/src/sections/auth/oauth-methods.tsx
+++ b/apps/user/src/sections/auth/oauth-methods.tsx
@@ -35,7 +35,10 @@ export function OAuthMethods() {
               onClick={async () => {
                 const { data } = await oAuthLogin({
                   method,
-                  redirect: `${window.location.origin}/oauth/${method}`,
+                  // OAuth providers disallow URL fragments (#) in redirect URIs.
+                  // Use a real path (with trailing slash so static hosting can serve /oauth/<provider>/index.html)
+                  // which then bridges into our hash-router at /#/oauth/<provider>.
+                  redirect: `${window.location.origin}/oauth/${method}/`,
                 });
                 if (data.data?.redirect) {
                   window.location.href = data.data?.redirect;