Configure Google login for Discourse

:bookmark: This guide explains how to set up Google login integration for your Discourse site by configuring OAuth2 credentials in the Google Cloud Console.

:person_raising_hand: Required user level: Administrator

Overview

Google login allows users to sign in to your Discourse site using their Google accounts. This guide will walk you through:

  1. Creating a Google Cloud project
  2. Setting up OAuth consent
  3. Configuring credentials
  4. Enabling Google login in Discourse

Create a Google Cloud project

  1. Navigate to https://console.developers.google.com
  2. Click “Select a project” in the top left

  1. Click “NEW PROJECT” in the top right

  1. Enter a project name and optionally edit the Project ID
  2. Click “Create”

:information_source: If you see any errors after creating the project, refresh the page using Ctrl+F5.

Configure OAuth consent

  1. Select your project
  2. Navigate to “OAuth consent screen” in the left panel
  3. Select “External” and click “Create”

  1. Fill in the application details:
    • Enter your application name
    • Add your domain under authorized domains
    • Configure user support email
    • Add developer contact information

:warning: As of September 13, 2021, Google requires HTTPS for all OAuth implementations.

Set up credentials

  1. Go to the “Credentials” tab
  2. Click “+ CREATE CREDENTIALS” and select “OAuth client ID”

  1. Configure the OAuth client:
    • Select “Web application” as the Application Type
    • Add your site’s base URL under Authorized JavaScript Origins (including https://)
    • Add your callback URL under Authorized Redirect URIs: https://your-discourse-site.com/auth/google_oauth2/callback
    • Click “Create”

  1. Save the provided client ID and client secret

Configure Discourse settings

  1. In your Discourse admin settings:
    • Enable the setting enable google oauth2 logins
    • Enter your google oauth2 client id
    • Enter your google oauth2 client secret

Verify and publish

  1. Test the integration while in “Testing” status by adding a Google user
  2. To make the integration publicly available:
    • Change the status to “In production”
    • Complete Google’s verification process
    • Verify site ownership through Google Search Console

Additional configuration

G Suite login

To restrict login to specific G Suite domains:

  1. Enable the google oauth2 hd site setting
  2. Enter your G Suite domain

Troubleshooting

If you experience login issues:

  • Verify that HTTPS is properly configured
  • Double-check all redirect URIs
  • Ensure your site’s SSL certificate is valid
  • Confirm that all required Google Cloud APIs are enabled

Related resources

Last edited by @jessii 2024-11-21T18:29:20Z

Check documentPerform check on document:
164 Likes

Unfortunately, if I follow the instructions, the login does not work.

In order to get the login to work, I had to add both URL formats for redirection.

https://forum.example.com//auth/google_oauth2/callback http:///forum.example.comauth/google_oauth2/callback

However, I am now unable to submit the app for publication because Google only requires addresses in the HTTPS format.

Any advice on how to solve this?

I guess you don’t have a standard install and need to turn on force_https.

I followed the official installation. Force HTTPS is enabled.

EDIT: It’s weird, but now it’s started to work! I tried it at least ten times before, but it didn’t work.

I can’t explain it because the procedure was exactly the same. Maybe something on Google’s side?

:person_shrugging: It makes no sense that it’d be accessing google with http.

A post was split to a new topic: Google login regression, possibly after recent changes