Add Google Login to Your App
This guide will show you how to add functionality to your web app that allows your users to log in with Google. Along the way, you will also learn how to get an Access Token that will allow you to access the Google API.
- Generate a Client ID and Client Secret in your Google project. To do this, follow Google's Setting up OAuth 2.0 doc, and copy the Client ID and Client Secret that you generate.
Make sure you use the following settings:
- On the OAuth consent screen, under Authorized domains, add
- When asked to select an application type, choose Web application and set the following parameters:
|Name||The name of your application.|
|Authorized redirect URIs||
Find your Auth0 domain name for redirects
If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, plus
.auth0.com. For example, if your tenant name were
exampleco-enterprises, your Auth0 domain name would be
exampleco-enterprises.auth0.com and your redirect URI would be
If you are using custom domains, your redirect URI will have the following format:
https://<YOUR CUSTOM DOMAIN>/login/callback.
Enable the Google Admin SDK Service. To do this, follow Google's Enable and disable APIs doc.
Set up the Google social connection in Auth0. Make sure you have the Client ID and Client Secret generated in Step 1.
Access Google's API.
Once a user successfully authenticates, Google will include an Access Token in the user profile it returns to Auth0. You can use this token to call Google's API.
To get the Google Access Token, you must retrieve the full user's profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.
Using the token, you can call Google's API following Google's documentation.