- Create Google OAuth credentials with the Google Auth Platform.
- Configure and test a Google social connection with the Auth0 Dashboard.
Before you start
Before you configure Google as a social connection, you need:
- An Auth0 account. If you do not have one, you can sign up for free.
- A Google Developer account.
- A Google Project.
- An application registered in the Auth0 Dashboard.
Google Auth Platform
The Google Auth Platform is a section within the Google Cloud Console that helps you manage your applications and OAuth credentials for logging in and calling Google APIs. To learn more, read Get started with the Google Auth Platform on Google’s documentation. Use the Google Auth Platform to:- Configure the Google consent screen.
- Create a Google OAuth 2.0 Client.
Configure the Google consent screen
Before creating an OAuth client ID, you must configure the OAuth consent screen with information about your application. When you use OAuth 2.0 for authorization, your application requests one or more scopes of access from a Google Account. Google displays a consent screen to the user, including a summary of your project, its policies, and the requested access scopes.If your application requests sensitive OAuth scopes or uses a custom image, Google limits it to 100 logins until the OAuth consent screen is verified. Consent screen verification may take up to several days.
Configure branding
Navigate to Google Auth Platform > Branding. For Authorized domains, enter
auth0.com. If you are using a custom domain, enter your custom domain instead.Configure audience
Navigate to Google Auth Platform > Audience. For User type, select Make External. In Test Users, you can add the email addresses you want to use for testing.
Configure data access
Navigate to Google Auth Platform > Data Access to add or remove scopes. To learn more, read OAuth 2.0 Scopes for Google APIs on Google’s documentation.
Create a Google OAuth 2.0 Client
To create a Google OAuth 2.0 Client, you need your Auth0 domain, which you can find in the Auth0 Dashboard. Navigate to Auth0 Dashboard > Settings > Custom Domains to find your domain:- If you have not configured a custom domain, your Auth0 domain name is
YOUR_TENANT_NAME.YOUR_REGIONAL_SUBDOMAIN.auth0.com. Your redirect URI ishttps://YOUR_TENANT_NAME.YOUR_REGIONAL_SUBDOMAIN.auth0.com/login/callback. - If you have configured a custom domain, use your custom domain instead. Your redirect URI is
https://YOUR_CUSTOM_DOMAIN/login/callback.
If you created your US tenant before June 2020, your Auth0 domain name does not include the regional subdomain:
YOUR_TENANT_NAME.auth0.com.Enter your client details
Enter the following information for your OAuth 2.0 Client:
Replace
| Field | Value |
|---|---|
| Name | The name of your OAuth 2.0 Client |
| Authorized JavaScript origins | https://YOUR_DOMAIN |
| Authorized redirect URIs | https://YOUR_DOMAIN/login/callback |
YOUR_DOMAIN with the Auth0 domain you found in the previous step.Configure Auth0
Use the Auth0 Dashboard to create and configure a Google social connection with the OAuth credentials you created.Create a Google social connection
Navigate to Auth0 Dashboard > Authentication > Social. Select Create Connection and then Google/Gmail.
Enter a name and your Google credentials
In General, enter a Name for the connection and the client credentials from the Google OAuth 2.0 Client you created:
- Client ID: The unique identifier for your application.
- Client Secret: The secret used by Auth0 to authenticate with Google on behalf of your application.
Test the connection
Once you have created your Google social connection, verify that it works before deploying to production.- Navigate to Auth0 Dashboard > Authentication > Social.
- Select the Google connection from the list.
- Select Try Connection.
- Authenticate with your Google account when prompted.
- Confirm that Auth0 returns user profile data, including the user’s name and email address.