0

I'm trying to sign in automatically when possible using the following code (TypeScript, called from a React app):

google.accounts.id.initialize({
  client_id: envSettings.auth.google.clientId,
  callback: signInWithJwt,
  auto_select: true,
});

google.accounts.id.renderButton(domElement, {
  theme: "outline",
});

google.accounts.id.prompt();

I now have the following situation:

  • Signing in via the rendered button always works (locally and on my "Static Web App" hosted in Azure)
  • google.accounts.id.prompt(), however, only works on localhost but not on the server, even though the URLs are added in the "Authorized JavaScript origins" section in the Google console. I get the following message in the browser console: [GSI_LOGGER]: The given origin is not allowed for the given client ID.
  • The only difference I see between localhost and the server is that the server is running on https and localhost is using http.

For me this does not really make sense, as obviously it does work with the button. Any thoughts on what is wrong here?

PzYon

2 Answers

1

Found the issue thanks to this post: https://stackoverflow.com/a/70739451/4092115

I had to set the referrer policy in my index.html as follows:

<meta name="referrer" content="strict-origin-when-cross-origin" />

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

PzYon
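
Why the referrer policy matters here, as an added example (not code from the original post or from Google): it implements the Referrer Policy rules for which `Referer` value a page sends on a cross-origin request and lists the policies that hide the page's origin from accounts.google.com. That the One Tap prompt depends on this header for its origin check is an assumption inferred from the fix above; the page URL is constructed and `GSI_ENDPOINT` stands in for any request to accounts.google.com.

```javascript
// Added example: which Referer reaches accounts.google.com under each Referrer-Policy.
const GSI_ENDPOINT = "https://accounts.google.com/gsi/client"; // stand-in destination
const SAMPLE_PAGE = "https://app.example.net/dashboard?tab=1#top"; // constructed URL

// Simplified "potentially trustworthy" test: HTTPS or a loopback host.
function isTrustworthy(url) {
  return url.protocol === "https:" ||
    ["localhost", "127.0.0.1", "[::1]"].includes(url.hostname);
}

// Returns the Referer value the browser would send, or null if none is sent.
function refererFor(policy, pageUrl, requestUrl) {
  const page = new URL(pageUrl);
  const target = new URL(requestUrl);
  page.hash = ""; page.username = ""; page.password = ""; // always stripped
  const full = page.href;
  const originOnly = page.origin + "/";
  const sameOrigin = page.origin === target.origin;
  const downgrade = isTrustworthy(page) && !isTrustworthy(target);
  switch (policy) {
    case "no-referrer": return null;
    case "origin": return originOnly;
    case "unsafe-url": return full;
    case "same-origin": return sameOrigin ? full : null;
    case "strict-origin": return downgrade ? null : originOnly;
    case "origin-when-cross-origin": return sameOrigin ? full : originOnly;
    case "no-referrer-when-downgrade": return downgrade ? null : full;
    case "strict-origin-when-cross-origin":
      if (sameOrigin) return full;
      return downgrade ? null : originOnly;
    default: throw new Error(`unknown policy: ${policy}`);
  }
}

// One row per policy: does the destination learn the origin, and does it get the path?
function auditPolicies(pageUrl, requestUrl = GSI_ENDPOINT) {
  const originOnly = new URL(pageUrl).origin + "/";
  return ["no-referrer", "same-origin", "origin", "strict-origin",
    "origin-when-cross-origin", "strict-origin-when-cross-origin",
    "no-referrer-when-downgrade", "unsafe-url"].map((policy) => {
    const referer = refererFor(policy, pageUrl, requestUrl);
    return { policy, referer, revealsOrigin: referer !== null,
      leaksPath: referer !== null && referer !== originOnly };
  });
}

console.table(auditPolicies(SAMPLE_PAGE));
```

Policies where `revealsOrigin` is false send no `Referer` cross-origin; `strict-origin-when-cross-origin` sends the origin only, without the path or query string.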
0

You need to follow the message, "The given origin is not allowed for the given client ID." Go to the Google Cloud console, and allow the origin that your server is on. Go to your project > APIs and Services > Credentials > your OAuth 2.0 Client ID, and edit it to allow your domain to be authorized. authorized JavaScript origins page

This is for security purposes, so that a malicious actor cannot use your client ID to pose as your app on another domain, and access your users' data. Google documentation

eten
  • Thanks for your reply. Yes, I get that and the server URL is actually added. If it wouldn't be added, I would assume that also using the button would not work? That's what is confusing me: Button works on both servers, the prompt only on localhost. – PzYon Feb 01 '23 at 12:40
  • Add `http://localhost` and `http://localhost:` to the authorized domains if you want it to work on localhost – eten Feb 02 '23 at 02:47
  • Yes, I did that. That's exactly the problem: It works on localhost but NOT on the server. And I added the URL for the server. – PzYon Feb 02 '23 at 07:25
  • I am facing the same problem. Any solutions to this? – Utkarsh Sharma Apr 03 '23 at 03:24