Configuring Google login for Discourse


(Neil Lalonde) #1

Here’s how to configure Discourse to allow login and registration with Google OAuth2.

Go to https://console.developers.google.com and create a new Project.

(This can take a while, so wait a minute as needed for it to appear.)

Select Credentials in the left menu, and OAuth client ID type for the credentials.

Configure your OAuth Consent Screen. Fill as appropriate; we recommend populating all these fields, then click Save.

Now click Credentials. Choose “Web application” as the Application Type. In the Authorized JavaScript Origins section, add your site’s base url, including http:// or https://. In the Authorized Redirect URI section, add the base url with /auth/google_oauth2/callback. Click the Create button.

The OAuth client dialog will appear with client ID and secret.

Click Library in the left menu and you’ll see a huge list of Google API’s. Find Google+ API and enable it:

In your Discourse site settings, check “enable google oauth2 logins”, and fill in your google oauth2 client id and google auth2 client secret provided earlier.

That’s it, Google login should now work on your Discourse! Go ahead and test it out with any Google account.


OpenID2 for Google accounts is going away
Google and linkedin Login/Signin stoped working
Oauth Login requests 'offline access'
User should be able to login without verification
Configure oauth callback urls
Configure oauth callback urls
[Paid] Discourse configuration changes
(Freddie Haddad) #126

OK, I just went through the procedure again. For Google OAuth to work, just follow the instructions as they are explained in the OP. If your SSL certificates (if applicable), DNS, and Discourse are set up correctly, everything will work. You do not need to submit any special forms. The two APIs mentioned are all that is needed for OAuth login support with Discourse.

If for some reason, you need access to additional APIs, you will then need to submit a form explaining why.

P.S. My original reason for coming here and asking questions had to do with my DNS settings be incorrect which caused issues with the callback URL.


(Jeremie Leroy) #128

Hi guys,

if you are facing the below error while login with google auth, it is just because you need to enable Google+ API and contacts API like writen in the above tutorial


(Michael Brown) #129

FYI Google suggests migrating to using the People API instead:


(Sam Saffron) #130

We need more details here it looks like OAuth2 is still fine, this is about converting “Contacts API” to “People API”

@neil do we simply need to change this line in the instructions?


(Michael Brown) #131

I just disabled Contacts for my test site (leaving only Google+ API) and login is fine, plus the GoogleUserInfo record looks identical. Maybe we can just remove Contacts from the instructions?


(Sam Saffron) #132

Sure let’s remove the instructions!


(Alex Legrand) #133

I do exactly like the tutorial and get
Faraday::SSLError (SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 alert internal error)
/usr/local/lib/ruby/2.4.0/net/protocol.rb:44:in `connect_nonblock’

does google request the site to run https ?

(btw google auth doesn’t work here on meta.discourse.org)


(Joshua Rosenfeld) #134

This has been resolved - it was broken for ~1 hour this morning due to an unexpected result of some new code.