Restrict Google OAuth2 to a domain


(Tiago Cruz) #1

Hello guys!

I’m using Google OAuth2 integration, and it’s working very well, but Is possible to restrict only google users from example.com instead of all users from universe? :smile:

Thanks a lot!


(Eduardo Rodrigues) #2

There is an option “email domains whitelist” in Settings > Login, another option is find a way to permit send the hd parameter(OpenID Connect  |  Google Identity Platform  |  Google Developers) in authentication, configuring a param in omniauth-google-oauth2.


(Adam Modlin) #3

Eduardo, where is the email domains whitelist setting? Also, isn’t the hd param only from OpenIDConnect not OAuth2?


(system) #4

(David Taylor) #5

You can now restrict google login to a single ‘hosted domain’ by using the google_oauth2_hd site setting.


(David Taylor) #6