Auth0 Custom Google Social Login Connection

The Auth0 free tier only lets you have a couple social connections. If you use their Google one, then you have used up one of your connections.

We can create a custom social connection, and connect it to Google.

Head to GCP

• Click API & Services
• Click OAuth Consent Screen
• Fill out the requested info, put whatever you want for the URLs, just make sure you add the domain auth0.com
• Add the top 3 basic scopes: profile, email, openid
• Add test users
• save it all, and click "Credentials" on the left navigation menu
• Create an OAuth Client Id, for redirect URI use: https://YOUR_TENANT.us.auth0.com/login/callback

Now head over to Auth0, click "Authentication" -> "Social" -> Create

• Scroll to bottom of all the options, click "Create Custom"
• name it "GCP-whatever-you-want", might be a good idea to put your GCP project name or something
• Use the URLs they gave you on the Credentials screen in GCP
• Authorization URL: https://accounts.google.com/o/oauth2/auth
• Token: https://oauth2.googleapis.com/token

Finally, use this user info script:

function(accessToken, ctx, cb) {
  var i = jwt.decode(ctx.id_token);
  var p = {
    user_id: i.sub,
    email: i.email,
  };
  cb(null,p);
  }

The ID_Token from Google has the two most important things we need: sub, and email.

the access_token wont however.

Happy developing!

Comments

[Marcos A Herrera]

Hi Victorio

How are you? good post, was wonderful for me, i have an extra support, on the IDP that i using this custom connection, requires some extra parameters that comes from extended profile, likes to name, group, email and client_id.

The error from IDP is the following,if you see the error, are related with the IDP request that does not receive name, on custom social settings, i tried from scope (actually has jjust openid) but when i tried on this option,the other parameters not works and the error is different, when i tried from user info script, the error is the following, tried add the parameters on the script but not well. If you can help me,will be wonferfull Thanks
--------------- Error ------------------------
{
"status": "claimsError",
"idpClaims": {
"groups": [
"Everyone"
],
"picture": "cdn.auth0.com/avatars/default.png",
"sub": "oauth2|Madecentro|100174642858929196210",
"subType": "user"
},
"error": "Missing required claim: name"
}
------------------user info script----------------------------
function(accessToken, ctx, cb) {
var i = jwt.decode(ctx.id_token);
var p = {
user_id: i.sub,
email: i.email,
name: i.profile
};
cb(null,p);

}