How to Create Google OAuth Credentials

How to Create Google OAuth Credentials?

In this article, I will discuss How to Create Google OAuth Credentials. Please read our previous article discussing External Identity Providers in ASP.NET Core Identity

What is Google Account External Login?

Google Account External Login, in the context of web development, particularly with technologies like ASP.NET Core, refers to integrating Google’s authentication services into an application. This allows users to sign in to the application using their Google Account credentials. This form of authentication is a part of what’s commonly known as “social login” or “third-party authentication.” Here’s a more detailed explanation:

What Is It:

It allows users to sign in to your application using their existing Google Account, which could be associated with services like Gmail, YouTube, or Google Drive.

How It Works:
  • When a user opts to sign in with a Google Account, they are redirected to Google’s authentication service.
  • The user logs in with their Google credentials (or is automatically logged in if they are already signed into Google on their browser).
    After authentication, Google sends the user back to your application, typically with an OAuth 2.0 token.
  • Your application can use this token to access certain user information (like name, email address, profile picture) with the user’s consent.
Benefits:
  • Security: Users utilize their Google Account for authentication, reducing the risk associated with managing and storing user credentials.
  • Convenience: Simplifies the login process for users by allowing them to use an existing account.
  • Trust: Users might trust a well-known provider like Google more than a custom login system.
Implementation in ASP.NET Core:
  • This involves using Google’s authentication APIs and configuring them in your ASP.NET Core application.
  • You must register your application with Google to obtain credentials like a client ID and client secret.
  • The ASP.NET Core application uses middleware to facilitate the authentication process.
Use Cases:
  • Web applications where you want to provide users with a quick and secure login option.
  • Applications that need to interact with Google services on behalf of the user, like accessing Google Calendar or Contacts.
Compliance and Privacy:

When implementing Google Account external login, it’s essential to comply with privacy laws and regulations and ensure secure handling of user data.

What are Google OAuth Credentials?

Google OAuth credentials are part of the OAuth 2.0 authentication system, a standard for allowing secure access to user data held by a service like Google. These credentials are used to authenticate and authorize applications, websites, or services to access Google APIs on behalf of the user. Here’s a brief overview:

  • OAuth 2.0: This is the protocol used for authorization. It allows users to share specific data with an application while keeping their usernames, passwords, and other information private.
  • Credentials: In the context of Google OAuth, credentials include a client ID and a client secret. These are provided by Google when you register your application in the Google Cloud Console.

How to Create Google OAuth Credentials?

Creating OAuth credentials in the Google Cloud Platform involves a few steps. Here’s a general guide on how to do it:

Create a Project in Google Cloud Platform:

So, once you visit the URL https://console.developers.google.com, you will see the following page. Select your Google Account and country, Accept the Terms and License, and click the Agree and Continue button, as shown in the image below.

Create a Project in Google Cloud Platform

Once you click on the Agree and Continue button, it will open the following dashboard. Next, click on the Select a Project dropdown list from this dashboard, as shown in the below image.

How to Create Google OAuth Credentials?

Once you click on the Select a Project dropdown button, it will open the following window. Click on the NEW PROJECT button from this window, as shown in the image below.

How to Create Google OAuth Credentials?

Once you click on the NEW PROJECT button, it will open the below window. From this window, give your project a meaningful name (I am giving the Project name MyProject1) and then click the Create button, as shown in the image below.

How to Create Google OAuth Credentials?

Once you click the CREATE button, creating the project will take a few seconds. Once the project is created, you will get the following Notification message.

How Does Google OAuth Credentials Work?

Enable the Google API You Need:

In your project’s dashboard, navigate to “API & Services” and click the “Enabled APIs & Services” option, as shown in the image below.

Enable the Google API You Need

Once you click on the “Enabled APIs & Services” option, it will open the following window. You need to click the “+ ENABLE APIS AND SERVICES” button, as shown in the image below, to find the Google API you need (like Google Drive API, Gmail API, etc.) and enable it.

Enable the Google API You Need

Once you click on the “+ ENABLE APIS AND SERVICES” button, it will open the following window. Search for Google Plus API and click on it, as shown in the image below.

What are Google Oauth Credentials?

Once you click on the Google+ API, it will open the following Product Details Page, and from this page, click on the ENABLE button as shown in the below image.

What are Google OAuth Credentials?

Once you click the ENABLE button, it will add this product to your project and redirect you to the Enabled API and Services dashboard. You will see the Google+ API in the dashboard, as shown in the image below.

How Does Google OAuth Credentials Work?

Configure OAuth Consent Screen:

Choose the user type (usually “External” for apps available to any user with a Google account): From the Enabled API and Services on the left side, you will see the OAuth Consent Screen menu. Just click on this OAuth Consent Screen menu as shown in the below image:

Configure OAuth Consent Screen

It will open the following OAuth Consent Screen. Here, you need to select the External radio button and click the Create button, as shown in the image below.

Configure OAuth Consent Screen

Fill in the necessary information like App name, User support email, Developer contact email, etc: Once you click the Create button, it will open the following window. Here, you must provide the App Name, user support email, and Developer Email address. If you want, then you can also provide additional optional information and then click on the SAVE AND CONTINUE button as shown in the image below.

How to Create Google OAuth Credentials?

Add scopes if needed (scopes define the level of access you need: for example, if you’re working with Google Drive, you might need a scope that allows reading/writing files). We are not adding any scope here, so click the SAVE AND CONTINUE button. Again, click on the SAVE AND CONTINUE button from the Test Users. And finally, in the Summary section, you can verify the details.

Create OAuth Credentials:

Go to the “APIs & Services” > “Credentials” Page: From the Enabled API and Services, on the left side, you will see the Credentials menu. Just click on this Credentials menu as shown in the below image:

Create OAuth Credentials

Click on “Create Credentials” and select “OAuth client ID”: Once you click on the Credentials menu, it will open the following window. Here, click on the Create Credentials button and then select the OAuth client ID option as shown in the below image:

How Does Google OAuth Credentials Work?

On the next screen (i.e., Create OAuth Client ID)

  • Select Web application as the Application type
  • Provide a meaningful name for the OAuth client. Here, we are providing the name as MyWebClient1.

Authorized JavaScript Origins – This is the URL of where your application is running. To get this URL on your local host, right-click on the project name in Solution Explorer in Visual Studio and select Properties. On the Debug tab, click on the open debug launch profiles UI, and here, you will find the App URL. You will get both HTTPs (https://localhost:7056) and HTTP (http://localhost:5217) URLs, and you can also set both URLs by clicking on the Add URI option. Here, we are using the HTTPs URL only.

Authorized Redirect URIs – This is the path in our application that users are redirected to after Google authenticates them. The default path in ASP.NET Core is signin-google. So, the complete redirect URI is Application Root URI/signin-google. If we do not like this default path, signin-google, we can change it. We will discuss how to do this in our next article when we discuss integrating Google authentication into our ASP.NET Core application.

With the above settings in place, click on the Create button as shown in the below image:

How to Create Google OAuth Credentials?

Once you click the Create button, it will create the OAuth client ID and secret, and you will get the following message. Here, you can see the Client ID and Client Secret, and if you want, you can download the credentials (in JSON format) or copy the client ID and client secret from this page.

What are Google OAuth Credentials?

Now, you can use the downloaded JSON file or the copied credentials in your application to authenticate using OAuth 2.0, which we will discuss in our next article.

In the next article, I will discuss Integrating Google Authentication in ASP.NET Core MVC Application. In this article, I explain How to Create Google OAuth Credentials. I hope you enjoy this article, How to Create Google OAuth Credentials.

Leave a Reply

Your email address will not be published. Required fields are marked *