Setting Up Google OAuth with Supabase

This guide will walk you through setting up Google OAuth for your Supabase project. Follow these steps to enable Google sign-in for your application.

Steps to Set Up Google OAuth (Old Version)

Note: If you are using the new Google OAuth consent screen experience rather than the older one, skip this section and follow the New Version steps below.

  1. Set up a Google Cloud project:

  2. Configure the OAuth consent screen:

    • Fill in your app information:
    • Under Authorized domains, add your homepage domain and your Supabase project's domain (which is in the format <PROJECT_ID>.supabase.co). You can find it in Supabase by navigating to Project Settings > Configuration > API.
    • Add the following non-sensitive scopes:
      • .../auth/userinfo.email
      • .../auth/userinfo.profile
      • openid
    • Add yourself as a test user. Save and continue.
  3. Create OAuth credentials:

    • Go to the API credentials page under API & Services > Credentials.
    • Click Create credentials and choose OAuth Client ID.
    • For application type, choose Web application.
    • Under Authorized JavaScript origins, add your site URL, your Supabase project URL (found in Supabase by navigating to Project Settings > Configuration > API), and your localhost URL including the port, such as http://localhost:3000 (so that sign-in works on localhost).
    • Copy the Callback URL from Supabase. Navigate to Supabase Dashboard, then to Authentication > Providers and select Google. Enable sign-in with Google and copy the Callback URL (for OAuth), which will be in the format: https://project-name.supabase.co/auth/v1/callback.
    • Under Authorized redirect URIs in Google, enter the callback URL from the Supabase dashboard.
    • Click Create.
  4. Configure Google OAuth in Supabase:

    • When you finish configuring your credentials, you will be shown your client ID and secret. Add these to the Google Auth Provider section of the Supabase Dashboard: navigate to Authentication > Providers, select Google, paste both values, and click Save.
    • Go to Authentication > URL Configuration in Supabase.
    • Add http://localhost:3000 to Site URL.
    • Add http://localhost:3000/* to Redirect URLs.

Note: Google sign-in already works on localhost at this point. When you are ready to go to production, proceed to the next step and complete verification. Verification does not apply to apps in development, testing, or staging.

  1. Publish and verify your app (for production):

    • Go to API & Services > OAuth Consent Screen in Google again and click Publish App.
    • Once your app is published to production, click "Prepare for Verification" to submit your app for verification.
    • Go to Authentication > URL Configuration in Supabase.
    • Add https://your-domain.com to Site URL.
    • Add https://your-domain.com/* to Redirect URLs.
  2. Verify your domain:

    Lastly, get your domain verified in Google Search Console.

The Google OAuth review team will review your application and email you. You usually need to reply to get OAuth approved. This process might take a few days.

Steps to Set Up Google OAuth (New Version)

  1. Set up a Google Cloud project:

  2. Configure the OAuth consent screen:

    • Fill in your app name and email, then click Next.
    • Select External as the user type and click Next.
    • Fill in your contact information, finish, and click Create.
    • Then go to Branding and fill in your app information:
      • Website name
      • Email
      • Website logo
      • Website homepage link
      • Privacy policy link
      • Terms of service link
      • Under Authorized domains, add your homepage domain and your Supabase project's domain (which is in the format <PROJECT_ID>.supabase.co). You can find it in Supabase by navigating to Project Settings > Configuration > API.
    • Then click Save.
    • Then go to Data Access and click "Add or remove scopes".
    • Add the following non-sensitive scopes:
      • .../auth/userinfo.email
      • .../auth/userinfo.profile
      • openid
    • Click Update, and then save.
  3. Create OAuth credentials:

    • Go to Clients and click "Create Client".
    • For application type, choose Web application. You can give the client any name.
    • Scroll down to Authorized JavaScript origins and Authorized redirect URIs.
    • Under Authorized JavaScript origins, add your site URL, your Supabase project URL (found in Supabase by navigating to Project Settings > Configuration > API), and your localhost URL including the port, such as http://localhost:3000 (so that sign-in works on localhost).
    • Copy the Callback URL from Supabase. Navigate to Supabase Dashboard, then to Authentication > Providers and select Google. Enable sign-in with Google and copy the Callback URL (for OAuth), which will be in the format: https://project-name.supabase.co/auth/v1/callback.
    • Under Authorized redirect URIs in Google, enter the callback URL from the Supabase dashboard.
    • Click Create.
  4. Configure Google OAuth in Supabase:

    • When you finish configuring your credentials by completing the above steps, you will be shown your client ID and secret. Add these to the Google Auth Provider section of the Supabase Dashboard: navigate to Authentication > Providers, select Google, paste both values, and click Save.
    • Go to Authentication > URL Configuration in Supabase.
    • Add http://localhost:3000 to Site URL.
    • Add http://localhost:3000/* to Redirect URLs.

Note: Google sign-in already works on localhost at this point. When you are ready to go to production, proceed to the next step and complete verification. Verification does not apply to apps in development, testing, or staging.

  1. Publish and verify your app (for production):

    • Go to Audience in Google again and click Publish App.
    • Once your app is published to production, click "Prepare for Verification" to submit your app for verification.
    • Go to Authentication > URL Configuration in Supabase.
    • Add https://your-domain.com to Site URL.
    • Add https://your-domain.com/* to Redirect URLs.
  2. Verify your domain:

    Lastly, get your domain verified in Google Search Console.

The Google OAuth review team will review your application and email you. You usually need to reply to get OAuth approved. This process might take a few days.
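
Before publishing, it helps to check the values entered in the steps above (both the old and new consent screen flows end with the same settings). The following is an added example, not code from Supabase or Google: the function name, the config field names, and the policy it enforces (no localhost entries, HTTPS only, no wildcard in the host part) are assumptions of this example, and it assumes the default supabase.co project domain.

```javascript
// Added example; function and field names are hypothetical, not a Supabase or Google API.
// Callback format as given in this guide (default *.supabase.co project domain assumed).
const CALLBACK_RE = /^https:\/\/[a-z0-9-]+\.supabase\.co\/auth\/v1\/callback$/;
// scheme :// host [:port] [/path], tolerant of the "*" wildcards used in Redirect URLs.
const URL_RE = /^([a-z][a-z0-9+.-]*):\/\/([^\/:]+)(?::\d+)?(\/.*)?$/i;

function auditProductionConfig(cfg) {
  const findings = [];

  // Google "Authorized redirect URIs" must contain the exact Supabase callback URL.
  if (!cfg.googleRedirectUris.some((u) => CALLBACK_RE.test(u))) {
    findings.push("googleRedirectUris: no entry matches the Supabase callback URL format");
  }

  // Supabase Site URL and Redirect URLs get the same checks for every entry.
  const entries = [["siteUrl", cfg.siteUrl]];
  for (const u of cfg.redirectUrls) entries.push(["redirectUrls", u]);

  for (const [field, value] of entries) {
    const m = URL_RE.exec(value);
    if (!m) {
      findings.push(`${field}: cannot parse ${value}`);
      continue;
    }
    const scheme = m[1].toLowerCase();
    const host = m[2].toLowerCase();
    if (host === "localhost" || host === "127.0.0.1") {
      findings.push(`${field}: development entry ${value} left in production config`);
    } else if (scheme !== "https") {
      findings.push(`${field}: ${value} is not HTTPS`);
    }
    // A wildcard in the host widens where the post-login redirect may land.
    if (host.includes("*")) {
      findings.push(`${field}: wildcard in host of ${value}`);
    }
  }
  return findings;
}

// Constructed sample: the localhost values from step 4 were never removed.
const leftover = {
  googleRedirectUris: ["https://project-name.supabase.co/auth/v1/callback"],
  siteUrl: "http://localhost:3000",
  redirectUrls: ["http://localhost:3000/*", "https://your-domain.com/*"],
};
for (const finding of auditProductionConfig(leftover)) console.log(finding);
```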

That's it! Your Google OAuth setup with Supabase is complete! 😄