Android - Appwrite self-host - Google OAuth error: "User (role: guests) missing scope (account)"

I am having a very hard time getting my users authenticated using Google's OAuth2 and Appwrite. I am self-hosting on a personal server, let's call it https://mydomain.com

I have this code to log a user in:

<Code 1 in Comments>

That opens a chrome browser on my device for the user to log in. After logging in with google, the user is redirected to my website at https://oauth.mydomain.com/google-success successfully.

After this step, a user appears in Appwrite Auth correctly. I can see it if I visit https://appwrite.mydomain.com/dashboard. Under "Sessions", I see a new session entry created after logging in, and I even see a "session.create" activity under activities!

This is where I'm getting lost. My understanding is that google should redirect the user to this URL and also provide some information (I read about some code and state variables, are those the ones?). However, when I try to console.log the URL the user is sent to, it has no variables set.

The code I wrote to get the URL in my website https://oauth.mydomain.com/google-success is this (javascript is not my strong point :D):

<Code 2 in Comments>

The above just prints https://oauth.mydomain.com/google-success#, no variables of any type.

If I instead set the redirect site at https://oauth.mydomain.com/google-success to just redirect the user to a deep link at myappsname://google-success, I get the User (role: guests) missing scope (account) error when trying to run val user = SessionManager.account.get()

This is how I'm handling in my android code:

<Code 3 in Comments>

What is the problem here? A) Is this some misconfiguration of Google OAuth on my end? If this OAuth was set correctly, would I be able to get the variables I need in this way? B) I can't see any scope in Google's docs named account, not sure if that's my mistake or not?

Thanks a lot, I'm banging my head against this the last couple of days, appreciate any help.

Cheers!

Code 1:

 
val url = SessionManager.account.createOAuth2Session( 
            provider = OAuthProvider.GOOGLE, 
            activity = this,  
            success = "https://oauth.mydomain.com/google-success",   
            failure = "https://oauth.mydomain.com/google-failure"  
        )  
  
        val intent = Intent(Intent.ACTION_VIEW, Uri.parse(url.toString()))  
        startActivity(intent)

Code 2:

        // Get the full URL
        const fullUrl = window.location.href;

        // Extract query parameters
        const queryString = window.location.search;
        const urlParams = new URLSearchParams(queryString);
        const code = urlParams.get('code');
        const state = urlParams.get('state');

        console.log('Full URL:', fullUrl);
        console.log('Authorization Code:', code);
        console.log('State:', state);

Code 3:

private fun handleDeepLink(intent: Intent?) {  
    val data: Uri? = intent?.data  
    Log.d("Appwrite Auth", "data: $data")  
    if (data != null) {  
        when (data.host) {  
            "oauth-success" -> {  
                Log.d("Appwrite Auth", "Login successful!")  
                fetchUserData()  
            }  
            "oauth-failure" -> {  
                Log.d("Appwrite Auth", "Login failed!")  
            }  
        }  
    }  
}

private fun fetchUserData() {  
    CoroutineScope(Dispatchers.Main).launch {  
        try {  
            val user = SessionManager.account!!.get() // Error here!!
            Log.d("Appwrite Auth", "User logged in: ${user.toMap()}")  
        } catch (e: Exception) {  
            Log.e("Appwrite Auth", "Error fetching user details", e)  
        }  
    }  
}