Connect Apps to Google
You can add functionality to your web app that allows your users to log in with Google.
Before you connect your Auth0 app to Google, you must have a Google Developer account. You will need to get an access token that will allow you to access the Google API. See Setting up OAuth 2.0 for details.
To connect your app to Google, you will:
- Set up your app in Google
- Enable the Admin SDK service
- Create and enable a connection in Auth0
- Test the connection
Set up your app in Google
Log in to Google Developer Console.
From the projects list, select a project or create a new one.
If the APIs & services page is already open, open the console left side menu and select APIs & services.
Click New Credentials, then select OAuth client ID.
On the OAuth consent screen, under Authorized domains, add
Select Web application and complete form including the following information:
|Authorized redirect URIs||
Find your Auth0 domain name for redirects
If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, plus
.auth0.com. For example, if your tenant name were
exampleco-enterprises, your Auth0 domain name would be
exampleco-enterprises.auth0.com and your redirect URI would be
If you are using custom domains, your redirect URI will have the following format:
https://<YOUR CUSTOM DOMAIN>/login/callback.
Enable the Admin SDK service
Follow Google's Enable and disable APIs instructions.
Create and enable a connection in Auth0
Set up the Google social connection in Auth0. Make sure you have the API key and the API secret key generated.
Test the connection
You're ready to test your connection. After logging in, you'll be prompted to allow your app access. To do so, click Install unlisted app.
Access the Google API
Once a user successfully authenticates, Google will include an Access Token in the user profile it returns to Auth0. You can use this token to call Google's API.
To get the Google Access Token, you must retrieve the full user's profile using the Auth0 Management API and extract the Access Token from the response. For detailed steps, see Call an Identity Provider's API.
Using the token, you can call Google's API following Google's documentation.
To request a refresh token, include the
access_type=offline parameter when calling the Auth0
/authorize endpoint. Additional scopes can be included in the /authorize request using the
For more information, see Identity Provider Access Tokens.