Google OAuth

Setup

  1. Create a new project on Google Cloud.

  2. Navigate to APIs & Services > OAuth consent screen.

  3. Configure the following:

    • Add the Privacy Policy and Terms of Service URLs.
    • Add these scopes: userinfo.email and userinfo.profile
    • Add your email as a test user
    • Save
  4. Go to Credentials > + Create Credentials > OAuth client ID

  5. Select Web Application and configure:

    • Add to Authorized JavaScript origins:
      • http://localhost:8000
      • https://your-site.com
    • Add to Authorized redirect URIs:
      • http://localhost:8000/complete/google-oauth2/
      • https://your-site.com/complete/google-oauth2/
      • Note: Include your subdomain (such as www) if you use one, and don't forget the trailing slash (/).
    • Click Create
  6. Copy your credentials to .env.prod (or .env.local for local development):

    • SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = Client ID
    • SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = Client Secret
  7. Return to the OAuth consent screen and click Publish App

  8. Select Prepare for verification and complete any missing fields
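
A pre-deploy check for steps 5 and 6, added here as an example and not part of the project's own code: it confirms both credentials are set and that every origin the site is served from has its exact callback URL among the Authorized redirect URIs. The function names, the sample origins and the placeholder client ID are assumptions made for illustration.

```python
from urllib.parse import urlsplit

CALLBACK_PATH = "/complete/google-oauth2/"  # callback path from step 5
REQUIRED_KEYS = ("SOCIAL_AUTH_GOOGLE_OAUTH2_KEY", "SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET")


def parse_env(text):
    """Parse KEY = value lines from .env text, skipping blanks and comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            env[key.strip()] = value.strip().strip("'\"")
    return env


def check_setup(env_text, origins, registered_uris):
    """Return a list of problems; an empty list means the setup is consistent."""
    env = parse_env(env_text)
    problems = [f"{key} is missing or empty" for key in REQUIRED_KEYS if not env.get(key)]
    for origin in origins:
        parts = urlsplit(origin)
        # Google accepts plain http only for localhost redirect URIs.
        if parts.scheme != "https" and parts.hostname not in ("localhost", "127.0.0.1"):
            problems.append(f"{origin}: must use https")
        # Redirect URIs are compared exactly: host, port, path and trailing slash.
        expected = origin.rstrip("/") + CALLBACK_PATH
        if expected not in registered_uris:
            hint = " (trailing slash missing)" if expected.rstrip("/") in registered_uris else ""
            problems.append(f"{expected} is not registered{hint}")
    return problems


# Constructed sample data; the client ID is a placeholder and the secret is left empty.
SAMPLE_ENV = """
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = placeholder-client-id.apps.googleusercontent.com
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET =
"""
SAMPLE_ORIGINS = ["http://localhost:8000", "https://your-site.com", "https://www.your-site.com"]
SAMPLE_REGISTERED = [
    "http://localhost:8000/complete/google-oauth2/",
    "https://your-site.com/complete/google-oauth2",
]

if __name__ == "__main__":
    for problem in check_setup(SAMPLE_ENV, SAMPLE_ORIGINS, SAMPLE_REGISTERED):
        print("PROBLEM:", problem)
```

On the constructed sample it reports the empty secret, the entry registered without its trailing slash, and the unregistered www callback.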

About Verification

Google will contact you by email to start verification. You'll need to verify your domain through Google Search Console first.

While waiting for verification:

  • Local development: Google login works normally
  • Production: Google login works but shows a warning until verified (typically a few days)