Google Apps created for Social Login now need to be verified by Google. Verification is required if your app is marked as Public. Before your consent screen and application are verified by Google, you can still test your application with some limitations, once the limitation is exceeded, users will receive a notification from Google, that the App is not verified and probably isn’t trustworthy.
So before proceeding, please have a look at the Unverified apps documentation which indicates how unverified apps may behave. If you would like to know more information about the verification it self, please check the OAuth Application Verification FAQ of Google.
Table of contents
- How to enable the provider
- Sync data
- Google Sign-In Branding Guidelines compatibility
- Common error messages
- Frequently Asked Questions
How to enable Google login in WordPress
1. App creation
To be able to log in via Google you must create a Google app first.
- Navigate to https://console.developers.google.com/apis/
- Log in with your Google credentials if you are not logged in
- If you don’t have a project yet, you’ll need to create one. You can do this by clicking on the blue “Create project” button on the right side! ( If you already have a project, click on the name of your project in the dashboard instead, which will bring up a modal and click New Project. )
- Click the Create button.
- Name your project and then click on the Create button again
- Once you have a project, you’ll end up in the dashboard.
- Click on the “Credentials” in the left hand menu to create new API credentials
- Select the OAuth consent screen!
- Enter a name for your App under the “Application name” field, which will appear as the name of the app asking for consent.
- Fill the “Authorized domains” field with your domain name probably: yourdomain.com without subdomains! (Where yourdomain.com is your site’s domain)
- Press “Save” and you will be redirected back to Credentials screen.
- Click the Create credentials button and select “OAuth client ID” from the dropdown.
- Your application type should be “Web application”
- Name your application
- Add the following URL to the “Authorised redirect URIs” field: https://yourdomain.com=wp-login.php?loginSocial=google (Where yourdomain.com is your site’s domain)
- Click on the Create button
- A modal should pop up with your credentials. If that doesn’t happen, go to the Credentials in the left hand menu and select your app by clicking on its name and you’ll be able to copy-paste the Client ID and Client Secret from there.
2. App setup
Once your Google app is ready you’ll need to copy and paste the Client ID and Client Secret to the Google provider’s Settings tab. You can find the information at your Google app’s Settings which you can reach from the left sidebar.
Once your Client ID and Client Secret has been added you need to verify the setup first. This verification helps you identify possible problems with the app.
The Client ID of your Google app. You can find it at left menu: Credentials → select your App.
The Client Secret of your Google app. You can find it at left menu: Credentials → select your App.
Username prefix on Register
Whenever a new user registers with their Google account they can get a custom prefix so you can easily identify them.
Fallback username prefix on register
Whenever a new user registers with their Google account and we can not generate a valid username from the first name or last name, a random username will be generated. With this option they can get a custom prefix so you can easily identify them.
Terms and conditions
This option can only be seen, if Terms and conditions is set to Show in Global Settings → Privacy tab. Here you can set custom Terms and Conditions for users who register with Google. For more information please read our GDPR documentation.
By default Nextend Social Login stores the first name, last name, email, avatar url and access token if it is possible, however some additional information can also be retrieved and stored.
When an option is checked, that field will be stored in a meta key with the specified name.
It determines when the synchronization shall happen.
- Register: whenever a new user registers with a provider, their data will be retrieved and stored.
- Login: whenever user logs in with a provider, their data will be retrieved and stored.
- Link: whenever user links and existing WordPress account with a provider, their data will be retrieved and stored.
Stores the user’s gender. Returns string.
Stores the user’s Google+ profile link. Returns string.
Stores the user’s locale. Returns string.
Stores the user’s introduction. Information is set at Google – About Me page. Returns string.
Stores the user’s birthday. Returns string in a format: YYYY-MM-DD.
Stores the user’s occupation. Information is set at Google – About Me page. Returns string.
Stores the user’s organization information from Google – About Me( Stored values: name, title, type, start date, end date, is it current). Returns array.
Stores the place where the user lives or where used to live in the past. Information is set at Google – About Me page. Returns array.
Stores the user’s tagline. Information is set at Google – About Me page. Returns string.
Stores the user’s age range. Returns string.
Stores the addresses of the user. Information is set at Google – About Me page. Returns array.
Stores the user’s phone numbers. Information is set at Google – About Me page. Returns array.
For fields marked with * it is essential to enable Google People API in your project!
- Navigate to Google API Console
- Select your existing Google APP on the top left corner with the “Select a project” option, if you have not selected it yet.
- Type “Google People API” in search field and click on the one called “Google People API”!
- By pressing “Enable” button, your App is done!
Nextend Social Login Pro Addon 3.0.14 and earlier used to depend on the Google+ API, which was announced to shut down on March 7, 2019. This is the reason Nextend Social Login – Pro Addon uses the Google People API starting with the version 3.0.15.
Google Sign-In Branding Guidelines compatibility
According to the Google Sign-In Branding Guidelines, the button need to comply with some requirements. At the buttons tab of the Google provider, there are predefined skins, which comply with those requirements.
Common error messages returned by Google during verification
The redirect URI in the request, https://yoursite.com/wp-login.php?loginSocial=google, (where the yoursite.com is your domain) does not match the ones authorized for the OAuth client.
The problem is that the entered Authorized redirect URIs field is not correct for your app. Check the 15th step of the App setup to fix the problem.
Error: invalid_client The OAuth client was not found.
Request is missing required authentication credential
Error: Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
The entered Client ID or Client Secret is not correct, it is probably contain some extra white-space characters. Make sure you copied the Client ID and the Client Secret in the appropriate format.
403 and 404 error
When your other providers work properly, but your Google provider gives you 403 or 404 error, your server or firewall will most likely have a limitation that prevents accessing to pages with HTTP/HTTPS links in them. For more information please visit our Google 403 and 404 errors documentation.
Frequently Asked Questions
Why am I not logged in automatically after the version 3.0.19?
For a better user experience we modified our Google authentication related codes. So once the user was already logged in with the Google provider and logged out, then the person will have the opportunity to chose a different Google account.
It was a common problem that users logged in with a Google account other then the one they wanted, so they logged out from the site. But from this point, the login happened automatically with the selected account.
Fortunately Google offers an account selector scope, so starting from Nextend Social Login 3.0.19, the account selection box will be offered instead of the autologin. In this way users will be able to choose the account they would like to login with.