Set Up Google Login
This guide walks through configuring Google as an external identity provider.
1. Create Google OAuth Credentials
Go to Google Cloud Console
Navigate to Google Cloud Console → APIs & Services → Credentials → Create Credentials → OAuth client ID.
Configure the consent screen
If prompted, configure the OAuth consent screen:
- App name: Your app name
- User support email: Your email
- Authorized domains:
aero2.dev
Create OAuth client ID
| Field | Value |
|---|---|
| Application type | Web application |
| Name | Aero2 |
| Authorized redirect URIs | https://aero2.dev/rp/callback/google |
Save credentials
Copy the Client ID and Client Secret.
2. Configure Aero2
curl -X POST https://aero2.dev/api/idps \
-H "Authorization: Bearer <admin_token>" \
-H "Content-Type: application/json" \
-d '{
"name": "google",
"type": "oidc",
"display_name": "Google",
"client_id": "your-client-id.apps.googleusercontent.com",
"client_secret": "your-client-secret",
"authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"token_endpoint": "https://oauth2.googleapis.com/token",
"userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",
"scopes": "openid email profile"
}'3. Test It
- Visit your Aero2 login page
- Click "Sign in with Google"
- Select your Google account
- You should be redirected to the dashboard
Notes
- Google uses OIDC (type
oidc), not plain OAuth2 - The
openidscope is required for Google - Google automatically provides
emailandprofileclaims