⚙️ Setup
1️⃣ Add the following to your `.env.local` file (if not already done):
```bash
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=
```
`NEXTAUTH_SECRET` is a random string used to encrypt JWT tokens. It must be at least 15 characters long.
2️⃣ Create a new project in Google Cloud
- Go to APIs & Services → Credentials
- Click on [Configure Consent Screen]
- Fill out the required information (Tip: Use ChatGPT to generate `/tos` and `/privacy-policy` pages).
- Add `userinfo.email` and `userinfo.profile` to the scopes.
- Add yourself as a test user.
- Click Submit
3️⃣ Create OAuth credentials
- Go to Credentials → [+ Create Credentials] → [OAuth Client ID]
- Choose [Web Application]
- Add the following to Authorized JavaScript origins:
  - `http://localhost:3000`
  - `https://your-site.com`
- And add the following to Authorized redirect URIs:
  - `http://localhost:3000/api/auth/callback/google`
  - `https://your-site.com/api/auth/callback/google`
  - 📌 If you’re using a subdomain like `www`, make sure to include it as well.
- Click [Create]
- Copy:
  - Client ID into `GOOGLE_ID`
  - Client Secret into `GOOGLE_SECRET`
  - and paste them into your `.env.local`
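A pre-flight check for the values from steps 1️⃣ and 3️⃣, as an added example that is not part of the original guide: it parses `.env.local` text, applies the 15-character minimum stated above, and confirms that the callback URL derived from `NEXTAUTH_URL` is among the redirect URIs you registered. The function names are hypothetical, and the example assumes `NEXTAUTH_URL` carries no custom base path.

```javascript
// Added example (not from the guide): checks .env.local text against steps 1 and 3.
// Function names are hypothetical; assumes NEXTAUTH_URL has no custom base path.
const MIN_SECRET_LENGTH = 15; // minimum length stated in step 1
const CALLBACK_PATH = "/api/auth/callback/google"; // callback path used in step 3
const REQUIRED_KEYS = ["NEXTAUTH_URL", "NEXTAUTH_SECRET", "GOOGLE_ID", "GOOGLE_SECRET"];

// Parse KEY=VALUE lines, skipping blanks and comments and stripping matching quotes.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq < 1) continue; // no key before "=", or no "=" at all
    const value = line.slice(eq + 1).trim().replace(/^(["'])(.*)\1$/, "$2");
    env[line.slice(0, eq).trim()] = value;
  }
  return env;
}

// Returns the redirect URI this deployment will use and a list of problems found.
// authorizedRedirectUris: the URIs you entered under "Authorized redirect URIs".
function checkAuthEnv(text, authorizedRedirectUris) {
  const env = parseEnv(text);
  const problems = [];
  for (const key of REQUIRED_KEYS) {
    if (!env[key]) problems.push(`${key} is missing or empty`);
  }
  if (env.NEXTAUTH_SECRET && env.NEXTAUTH_SECRET.length < MIN_SECRET_LENGTH) {
    problems.push(`NEXTAUTH_SECRET is shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  let redirectUri = null;
  if (env.NEXTAUTH_URL) {
    try {
      const base = new URL(env.NEXTAUTH_URL);
      // Google accepts plain http redirect URIs only for localhost.
      if (base.protocol !== "https:" && base.hostname !== "localhost") {
        problems.push("NEXTAUTH_URL must use https outside localhost");
      }
      // Exact string match: https://www.your-site.com and https://your-site.com differ.
      redirectUri = base.origin + CALLBACK_PATH;
      if (!authorizedRedirectUris.includes(redirectUri)) {
        problems.push(`${redirectUri} is not an authorized redirect URI`);
      }
    } catch {
      problems.push("NEXTAUTH_URL is not a valid URL");
    }
  }
  return { redirectUri, problems };
}
```

Call `checkAuthEnv` with the contents of `.env.local` and the list of redirect URIs from the Google Cloud console; an empty `problems` array means the values agree with the steps above.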
4️⃣ Publishing and verification
- Go to [OAuth Consent Screen] → click [Publish App] and submit your app for verification.
- Click [Prepare for verification] and complete the required fields.
- Google will send you an email—you need to respond to begin the process.
- Your domain must be verified on Google Search Console. You can do that now.
5️⃣ Test the login
- You can now log in with Google on localhost.
- It will also work in production, but a warning will appear until verification is complete (can take a few days).
6️⃣ Saving users in your database
- The MongoDB adapter automatically saves new users when they log in via Google.
- ✅ Make sure your database is configured first.