Google Provider
If you need a detailed guide on how to setup a provider pleaser refer to the Getting Started and Making your first integration guides.
Resources
- Setting up OAuth 2.0 - How to get credentials (opens in a new tab)
- Using OAuth 2.0 for Web Server Applications (opens in a new tab)
- Google OAuth 2.0 Scopes (opens in a new tab)
Setup
Callback URL
https://your-app.com/api/auth/integration/googleEnvironment variables
.env.local
AUTH_GOOGLE_ID=your-client-id
AUTH_GOOGLE_SECRET=your-client-secretAdd the provider to the auth.ts file.
auth.ts
import { NextIntegrate } from 'next-integrate';
export const { auth } = NextIntegrate({
// The URL of the app, e.g. https://example.com, set in the .env file.
// If you want to modify the redirect URL, to be prefixed with something else,
// you can do it here like this:
// base_url: process.env.BASE_URL! + "/some-prefix",
// This will change the redirect URL to eg. https://example.com/some-prefix/api/auth/integration/google
base_url: process.env.BASE_URL!,
providers: [
{
provider: 'google',
client_id: process.env.AUTH_GOOGLE_ID!,
client_secret: process.env.AUTH_GOOGLE_SECRET!,
integrations: [],
},
],
});Add an integration
auth.ts
import { NextIntegrate } from 'next-integrate';
export const { auth } = NextIntegrate({
// The URL of the app, e.g. https://example.com, set in the .env file.
// If you want to modify the redirect URL, to be prefixed with something else,
// you can do it here like this:
// base_url: process.env.BASE_URL! + "/some-prefix",
// This will change the redirect URL to eg. https://example.com/some-prefix/api/auth/integration/google
base_url: process.env.BASE_URL!,
providers: [
{
provider: 'google',
client_id: process.env.AUTH_GOOGLE_ID!,
client_secret: process.env.AUTH_GOOGLE_SECRET!,
integrations: [
{
name: 'some_custom_name',
options: {
scope: 'openid https://www.googleapis.com/auth/userinfo.profile',
},
callback: async (data) => {
// This is where you can save the data to a database, or do something else with it.
},
},
],
},
],
});Usage
To use the your new integration, you can use the <Integrate /> component found in the Getting Started Guide.
import Integrate from '@/components/integrate';
export default function Home() {
return (
<main>
<Integrate provider="google" name="some_custom_name">
Get Google User Info
</Integrate>
</main>
);
}Options
You can pass various parameters on the options object to customize the integration. The parameters are specific to the Google provider, please refer to the documentation (opens in a new tab), to verify the information if needed.
| parameter | type | required | description |
|---|---|---|---|
scope | string | true | A list of URL's that determines what the user will be prompted to give access to. You can parse multiple scopes by seperating with a space. Remember always to include the openid scope. You can find the full list of scopes here (opens in a new tab). |
access_type | string | false | Indicates whether Google should return a refresh_token after authenticating. the default value is online, if you want a refresh_token set this to offline. |
include_granted_scopes | boolean | false | Enables applications to use incremental authorization to request access to additional scopes in context. If you set this parameter's value to true and the authorization request is granted, then the new access token will also cover any scopes to which the user previously granted the application access (read more (opens in a new tab)). |
enable_granular_consent | boolean | false | Defaults to true. If set to false, more granular Google Account permissions will be disabled for OAuth client IDs created before 2019. No effect for newer OAuth client IDs, since more granular permissions is always enabled for them. When Google enables granular permissions for an application, this parameter will no longer have any effect |
login_hint | string | false | If your application knows which user is trying to authenticate, it can use this parameter to provide a hint to the Google Authentication Server. The server uses the hint to simplify the login flow either by prefilling the email field in the sign-in form or by selecting the appropriate multi-login session. Set the parameter value to an email address or sub identifier, which is equivalent to the user's Google ID. |
prompt | string | false | Determines if the OAuth flow should keep asking for consent. Default is none and can be set to either consent which will ask the user for consent every time they go through the OAuth flow, or select_account to prompt the user to select and account. |