Google OAuth Setup

Enable Google Sign-In to let users register and log in with their Google accounts. This provides a smoother experience and higher conversion rates.

Benefits

✅ One-click registration and login
✅ No passwords to remember
✅ Pre-verified email addresses
✅ Higher conversion rates
✅ Reduced spam registrations

Prerequisites

A Google account
Access to Google Cloud Console

Setup Steps

Step 1: Create a Google Cloud Project

Go to Google Cloud Console
Click the project dropdown at the top
Click New Project
Enter a project name (e.g., "My Website Login")
Click Create

In the sidebar, go to APIs & Services → OAuth consent screen
Select External and click Create
Fill in the required fields:
- App name: Your website name
- User support email: Your email
- Developer contact email: Your email
Click Save and Continue
Skip the Scopes section (click Save and Continue)
Skip the Test users section (click Save and Continue)
Click Back to Dashboard

Step 3: Create OAuth Credentials

Go to APIs & Services → Credentials
Click Create Credentials → OAuth client ID
Select Web application as the application type
Enter a name (e.g., "Website Login")
Under Authorized JavaScript origins, add your site URL:
```
https://yourdomain.com
```
Also add without www if applicable:
```
https://www.yourdomain.com
```
Leave Authorized redirect URIs empty (not required for this integration)
Click Create

Step 4: Copy the Client ID

After creation, you'll see:

Client ID (long string ending in .apps.googleusercontent.com)
Client Secret (not needed for this integration)

Copy only the Client ID.

Step 5: Add to WordPress

Go to PaywallWP → Settings → Google OAuth
Enable the Enable Google Login toggle
Paste your Client ID in the Client ID field
Note the JavaScript Origins URL shown — this should match what you added in Google Cloud Console
Click Save Settings

tip

You only need the Client ID. The Client Secret and redirect URIs are not required for this frontend-based integration.

Additional Settings

After enabling Google OAuth, you can configure additional options:

Update Profile Data

Setting	Description
Off	User's display name stays as originally set
On	Sync display name from Google account on each login

Profile Picture

Control how Google profile pictures are handled:

Option	Description
Disabled	Don't use Google profile pictures
Use Google URL (hotlink)	Link directly to Google's image URL
Download to Media Library (GDPR)	Save the image to your server (recommended for privacy compliance)

Account Linking

If a user signs in with Google using an email that already exists in WordPress, their account will be automatically linked — no duplicate accounts are created.

How It Works

When enabled, a "Sign in with Google" button appears on:

Login page
Registration page
Checkout modal (for guest users)

Users click the button, authenticate with Google, and are automatically logged in or registered.

User Account Creation

When a user signs in with Google:

Existing user with matching email: They're logged in to their existing account
New user: An account is created with:
- Username derived from their Google email
- Email from Google (pre-verified)
- Google profile picture as avatar
- Random password (they'll use Google to log in)

Publishing Your App

Development vs Production

Initially, your OAuth app is in "Testing" mode:

Only works for users you've added as test users
Limited to 100 test users

To allow anyone to use Google Sign-In:

Go to APIs & Services → OAuth consent screen
Click Publish App
Click Confirm

Verification

For apps requesting sensitive data (not required here), Google may require verification. The basic profile scope we use typically doesn't require verification.

Troubleshooting

"Error 400: redirect_uri_mismatch"

Check that your site URL is added to Authorized JavaScript origins
Include both https://yourdomain.com and https://www.yourdomain.com
Ensure you're using HTTPS

"Access Blocked: This app's request is invalid"

Verify the Client ID is correct and complete
Check that OAuth consent screen is configured
Ensure the app is published (not in testing mode) or user is a test user

Verify Client ID is saved in settings
Check browser console for JavaScript errors
Ensure Google's scripts aren't blocked by ad blockers

Check that user registration is enabled in WordPress
Go to Settings → General and enable "Anyone can register"
Or ensure memberships are open in PaywallWP settings

User Gets Wrong Account

If a user has multiple Google accounts:

They should ensure they're signed into the correct Google account
They can sign out of Google and try again

Security Considerations

Client ID is safe to expose (it's public by design)
Google handles all authentication securely
No passwords are stored for Google-authenticated users
Users can still set a password later if desired

Multiple Environments

If you have staging and production sites:

Option A: Add both domains to the same OAuth credentials
Option B: Create separate OAuth credentials for each environment

For option A, add both URLs to Authorized JavaScript origins:

https://staging.yourdomain.com
https://yourdomain.com

Next Steps

CAPTCHA Setup to protect forms
General Settings for more configuration
Account Page for member dashboard customization

Benefits​

Prerequisites​

Setup Steps​

Step 1: Create a Google Cloud Project​

Step 2: Configure OAuth Consent Screen​

Step 3: Create OAuth Credentials​

Step 4: Copy the Client ID​

Step 5: Add to WordPress​

Additional Settings​

Update Profile Data​

Profile Picture​

How It Works​

User Account Creation​

Publishing Your App​

Development vs Production​

Troubleshooting​

"Error 400: redirect_uri_mismatch"​

"Access Blocked: This app's request is invalid"​

"Sign in with Google" Button Not Showing​

Login Works But User Not Created​

User Gets Wrong Account​

Security Considerations​

Multiple Environments​

Next Steps​