Google authentication

Google lets your users sign in with the Google account they already use for Gmail, Workspace, and other services. Once connected, you can use Google as a social provider in your WeWeb auth flows without managing passwords yourself.

Setup in Google Cloud

All configuration for this provider happens in the Google Cloud Console. You will create an OAuth client and enable “Sign in with Google” for the web.

1. Create a project and enable OAuth

1. Go to the Google Cloud Console.
2. Create or select a project for your application.
3. In the left menu, open APIs & Services → OAuth consent screen and complete the consent screen setup:
   • Choose External for most public apps
   • Fill in the app name and support email
   • Add your app domains (for example your WeWeb preview or production domains) under Authorized domains
4. Save and continue until the consent screen is published (or in testing with test users).

2. Create OAuth client credentials

1. Still in APIs & Services, go to Credentials.
2. Click Create credentials → OAuth client ID.
3. Choose Web application as the application type.
4. Under Authorized JavaScript origins, add the domains where users will access your app (for example your published WeWeb domain and any custom domains).
5. Under Authorized redirect URIs, add the redirect URL you want Google to send users back to after sign in. This should match the URL you plan to use as the Success page in WeWeb (for example your main app or dashboard page).
6. Click Create and copy the generated Client ID and Client secret.

3. Configure “Sign in with Google” (optional screen)

Depending on your Google Cloud UI, you may also see a dedicated Sign in with Google configuration card (similar to the screenshot in this guide). If so:

1. Enable Sign in with Google for the web.
2. Paste the same Client IDs and Client Secret (for OAuth) you just created.
3. Save the configuration.

Connect Google in WeWeb

With your Google credentials ready, connect the provider in WeWeb.

1. In the WeWeb editor, open Data & API → Auth → Integrating providers.
2. Find the Google provider section and expand it.
3. Turn on the Enable toggle for Google.
4. Paste your values:
   • Client IDs — Your Google OAuth client ID. If you use multiple client IDs (for example Web and Android), paste them as a comma‑separated list.
   • Client Secret (For OAuth) — The client secret from your Google OAuth client.
5. Save your changes.

Under the hood, WeWeb stores these values as environment variables (PROVIDER_GOOGLE_ENABLED, PROVIDER_GOOGLE_CLIENT_ID, PROVIDER_GOOGLE_CLIENT_SECRET) and uses them to configure the Google social provider on your backend.

TIP

Google is used purely as a sign‑in provider; once the user is authenticated, they behave like any other WeWeb user.

Test sign in with Google

After saving the provider configuration, test that everything works end‑to‑end.

1. In the editor, add a button or link to your interface.
2. Attach a workflow with the Sign in with social provider interface action.
3. In the action options:
   • Set Provider to google
   • Choose a Success page (where users land after sign in)
   • Choose an Error page (where to send users if Google sign in fails)
   • Optionally choose a New user page if you want to route first‑time users differently
4. Preview your project and click the button.
5. Complete the Google sign‑in flow with a test Google account.
6. Confirm that:
   • You are redirected to the correct page
   • The user appears as authenticated in WeWeb (for example, sections that require authentication now show, and the back‑auth store reports a logged‑in user).

For general information about how sessions, roles, and page protection work once a user is signed in, refer to the main auth documentation (Users and roles and Integrating providers pages).

Common pitfalls

Redirect URI mismatch

If Google shows a redirect_uri_mismatch error, the redirect URL used by your app does not match what you configured in the Google Cloud Console.

• Double‑check the URL you added under Authorized redirect URIs.
• Make sure it exactly matches the URL you are using as the success / callback page in WeWeb (including protocol and any path).

Wrong domain or environment

If sign in works in one environment but not another (for example preview vs production), check that:

• All relevant domains (preview URL, custom domain, production URL) are listed in Authorized domains and Authorized JavaScript origins.
• You have updated the Google OAuth client if you change your WeWeb domain or custom domain.

Invalid client or secret

If Google shows errors like invalid_client:

• Confirm you pasted the correct Client ID and Client Secret (for OAuth) into the Google provider section in WeWeb.
• Make sure there are no extra spaces or missing characters when copying the values.

Reference

WeWeb settings

Setting	Description	Where to find it in Google
Client IDs	One or more OAuth client IDs that identify your app to Google.	APIs & Services → Credentials → OAuth 2.0 Client IDs (copy the Client ID for your web application; add additional IDs separated by commas if needed).
Client Secret(for OAuth)	Secret used by the backend when exchanging the authorization code for tokens.	Same OAuth 2.0 client in Credentials (copy the Client secret).

FAQs

Can I use multiple Google OAuth clients?

Yes. If you have separate client IDs for web, Android, or Chrome extensions, you can paste them into Client IDs as a comma‑separated list. Make sure each client is configured with the correct domains and redirect URIs.

Do I need to change anything in my workflows to use Google?

No. Once Google is enabled and configured, you simply use the Sign in with social provider interface action and set Provider to google. The rest of your auth logic (roles, protected pages, backend access checks) stays the same.

Can I mix Google sign in with email/password?

Yes. Users can sign up with email/password or sign in with Google on the same project. Behind the scenes, both methods work with the same user and session system.