Google social sign in
You can enable users to sign up and sign in using their Google credentials. To set this up, you need a Google cloud account and project, and a little technical know-how.
Note that Google has provided a topic about Google’s Create authorization credentials, but the steps don’t quite work. Until they update their docs, we recommend you use ours.
Google does not allow sign in auth to work in webview
Before connecting Google as a sign in option, be aware that Google does not support auth in webview. This means if a user opens a sign in window to your app in a webview (say via Instagram or from Facebook) they will receive an error.
Before you begin
Link to this section- Create a Google Cloud account.
- Create a Google Project.
- Get Google credentials (see below).
Get the Kinde Callback URL
Link to this section- Sign in to Kinde.
- Go to the Settings page and select Authentication.
- In the Social connections section, select Add connection.
- In the window that opens, select Google, then select Save.
- On the Google tile, select the Configure link.
- In the Callback URL section:
- If you use Kinde’s domain as your default, copy the Kinde domain URL.
- If you use custom domains, select the Use custom domain instead switch.
- If you have only one custom domain, copy the Custom domain URL. If you have custom domains for multiple organizations, select each one from the list and copy the callbacks for each. You need to enter all custom domain callbacks in the Google app.
- Use the copied Callback URL to set up the app, see below.
Get Google credentials
Link to this section- Navigate to the Google Cloud home page.
- Click Console in the top menu bar.
- In the left menu, select APIs & Services.
- If you are prompted to, create a new project.
- Select OAuth consent screen.
- Select if your project is Internal or External, then select Create.
- Complete all the app details (noting that you may need to go through the verification process if you upload a logo).
- Select Save and Continue.
- In the Scopes step, select Add or remove scopes.
- In the screen that appears, add the following non-sensitive scopes:
./auth/userinfo.email
and./auth/userinfo.profile
then select Update. - Select Save and continue.
- Add test users if you want, then select Save and continue.
- Back in the main menu, select Credentials.
- Click Create Credentials at the top of the page and select OAuth client ID.
- In the Web application dropdown menu, choose Web Application.
- Name your OAuth 2.0 client.
- Add your Authorized redirect URIs. These are the Callback URLs you copied in the previous procedure. Add entries for all your organization custom domain callbacks, e.g.
account.customdomainone.com/login/callback
,account.customdomaintwo.com/login/callback
, etc. - Click Create.
- Copy your Client ID and Client Secret from the confirmation window.
Add Google credentials to Kinde
Link to this section- In Kinde, go to Settings and select Authentication.
- On the Google tile, select the Configure link.
- Paste your Client ID and Client Secret into the two fields.
- Select if you want to treat this connection as a trusted provider (this is on by default for Google). A trusted provider is one that guarantees the email they issue is verified. We recommend leaving this off for maximum security.
- Select which applications to switch this on for.
- Select Save. Your users will now be able to sign in using their Google credentials.