Skip to content
Google OAuth2 Strategy for Überauth.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
lib Add support for optional login_hint param Jul 7, 2019

Überauth Google Hex Version

Google OAuth2 strategy for Überauth.


  1. Setup your application at Google Developer Console.

  2. Add :ueberauth_google to your list of dependencies in mix.exs:

    def deps do
      [{:ueberauth_google, "~> 0.8"}]
  3. Add the strategy to your applications:

    def application do
      [applications: [:ueberauth_google]]
  4. Add Google to your Überauth configuration:

    config :ueberauth, Ueberauth,
      providers: [
        google: {Ueberauth.Strategy.Google, []}
  5. Update your provider configuration:

    Use that if you want to read client ID/secret from the environment variables in the compile time:

    config :ueberauth, Ueberauth.Strategy.Google.OAuth,
      client_id: System.get_env("GOOGLE_CLIENT_ID"),
      client_secret: System.get_env("GOOGLE_CLIENT_SECRET")

    Use that if you want to read client ID/secret from the environment variables in the run time:

    config :ueberauth, Ueberauth.Strategy.Google.OAuth,
      client_id: {System, :get_env, ["GOOGLE_CLIENT_ID"]},
      client_secret: {System, :get_env, ["GOOGLE_CLIENT_SECRET"]}
  6. Include the Überauth plug in your controller:

    defmodule MyApp.AuthController do
      use MyApp.Web, :controller
      plug Ueberauth
  7. Create the request and callback routes if you haven't already:

    scope "/auth", MyApp do
      pipe_through :browser
      get "/:provider", AuthController, :request
      get "/:provider/callback", AuthController, :callback
  8. Your controller needs to implement callbacks to deal with Ueberauth.Auth and Ueberauth.Failure responses.

For an example implementation see the Überauth Example application.


Depending on the configured url you can initiate the request through:


Or with options:


By default the requested scope is "email". Scope can be configured either explicitly as a scope query value on the request path or in your configuration:

config :ueberauth, Ueberauth,
  providers: [
    google: {Ueberauth.Strategy.Google, [default_scope: "email profile"]}

You can also pass options such as the hd parameter to suggest a particular Google Apps hosted domain (caution, can still be overridden by the user), or prompt and access_type options to request refresh_tokens and offline access.

config :ueberauth, Ueberauth,
  providers: [
    google: {Ueberauth.Strategy.Google, [hd: "", prompt: "select_account", access_type: "offline"]}

To guard against client-side request modification, it's important to still check the domain in info.urls[:website] within the Ueberauth.Auth struct if you want to limit sign-in to a specific domain.


Please see LICENSE for licensing details.

You can’t perform that action at this time.