This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to authorize via Google on a web site for selected domains (mails)?

Posted on 03-26-2024 06:36 AM
codenear
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I'm interested in the question: is it possible to configure the Google OAuth application so that the site can only be entered from certain domains (mails)?

Perhaps there is functionality on the Google OAuth side to prohibit login and registration on the site for everyone (White List for authorization) The site is powered by WordPress

I will be glad to any advice and help.

It is necessary to restrict users who can log in via Google on the WordPress site

Example: A WordPress site with authorization via Google, you need to make it possible to skip only those domains (mails) that are added to the list of allowed authorizations, for example - mail@example.com (Business accounts) and reject others - mail@gmail.com

Solved Solved
0 1 179
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @codenear,

This seems to be not possible as this is not a built-in feature of Google OAuth and needs to be implemented on your WordPress site, but on the other hand, you can configure Google OAuth application to restrict login and registration on your WordPress site to certain domains (emails). This can be a workaround you can try by using the Google OAuth API to authenticate users and add a custom validation step in your WordPress site to check the user's email domain. If the domain is not in the whitelist, you can deny access

You can try these steps below:

  1. Enable the Google OAuth API on your project.
  2. Configure the OAuth consent screen and add your WordPress site's domain to the authorized JavaScript origins and redirect URIs.
  3. Generate OAuth client credentials (client ID and client secret) for your WordPress site.
  4. In your WordPress site, install and activate a plugin that supports Google OAuth login, such as "Google OAuth Login".
  5. Modify the plugin to include a custom validation step that checks the user's email domain against a whitelist. If the domain is not in the whitelist, deny access.

Let me know if this works.

View solution in original post

Jump to Solution
1 REPLY 1

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @codenear,

This seems to be not possible as this is not a built-in feature of Google OAuth and needs to be implemented on your WordPress site, but on the other hand, you can configure Google OAuth application to restrict login and registration on your WordPress site to certain domains (emails). This can be a workaround you can try by using the Google OAuth API to authenticate users and add a custom validation step in your WordPress site to check the user's email domain. If the domain is not in the whitelist, you can deny access

You can try these steps below:

  1. Enable the Google OAuth API on your project.
  2. Configure the OAuth consent screen and add your WordPress site's domain to the authorized JavaScript origins and redirect URIs.
  3. Generate OAuth client credentials (client ID and client secret) for your WordPress site.
  4. In your WordPress site, install and activate a plugin that supports Google OAuth login, such as "Google OAuth Login".
  5. Modify the plugin to include a custom validation step that checks the user's email domain against a whitelist. If the domain is not in the whitelist, deny access.

Let me know if this works.

Jump to Solution
Top Solution Authors
View all