Skip to main content
This guide walks you through configuring Google as a social login provider for your application.

Prerequisites

Configure Google OAuth

1

Create OAuth credentials on Google Cloud

  1. Go to the Google Cloud Console
  2. Select your project (or create a new one)
  3. Navigate to APIs & Services > Credentials
  4. Click Create Credentials > OAuth client ID
  5. Select Web application as the application type
  6. Give it a name (e.g. “Prelude Session”)
  7. Copy the Client ID and Client Secret — you will need them in the next step
2

Set the authorized redirect URI

Still on the same OAuth client page in the Google Cloud Console:
  1. Under Authorized redirect URIs, click Add URI
  2. Enter the following URI:
https://${YOUR_CUSTOM_DOMAIN}/v1/session/login/oauth/google/callback
Replace ${YOUR_CUSTOM_DOMAIN} with your custom domain (e.g. session.yourapp.com).
  1. Click Save
The redirect URI must match exactly. Make sure there is no trailing slash and that you are using https.
3

Create the Google OAuth configuration

curl -X POST https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/oauth/google \
  -H "Authorization: Bearer ${MANAGEMENT_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "client_id": "your-google-client-id",
    "client_secret": "your-google-client-secret",
    "enabled": true,
    "options": {
      "use_email_as_identifier": true,
      "allow_email_account_merge": true
    }
  }'
FieldDescription
client_idYour Google OAuth client ID.
client_secretYour Google OAuth client secret.
enabledSet to true to enable Google login.
options.use_email_as_identifierWhen true, the user’s Google email is stored as an email identifier.
options.allow_email_account_mergeWhen true, if a user with the same email already exists, the Google account is linked to the existing user.

Update the configuration

To update an existing Google OAuth configuration: 
curl -X PUT https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/oauth/google \
  -H "Authorization: Bearer ${MANAGEMENT_API_KEY}" \
  -H "Content-Type: application/json" \
  -d '{
    "client_id": "your-new-google-client-id",
    "client_secret": "your-new-google-client-secret",
    "enabled": true,
    "options": {
      "use_email_as_identifier": true,
      "allow_email_account_merge": true
    }
  }'

Delete the configuration

To remove Google OAuth from your application: 
curl -X DELETE https://api.prelude.dev/v2/session/apps/${APP_ID}/config/login/oauth/google \
  -H "Authorization: Bearer ${MANAGEMENT_API_KEY}"

What’s next?

Now that Google OAuth is configured on your backend, integrate the frontend using the Web Integration guide.