diff --git a/aspnetcore/security/authentication/social/google-logins.md b/aspnetcore/security/authentication/social/google-logins.md index 65d8972b0e..0625d12e22 100644 --- a/aspnetcore/security/authentication/social/google-logins.md +++ b/aspnetcore/security/authentication/social/google-logins.md @@ -4,7 +4,7 @@ author: rick-anderson description: This tutorial demonstrates the integration of Google account user authentication into an existing ASP.NET Core app. ms.author: riande ms.custom: "mvc, seodec18" -ms.date: 02/18/2021 +ms.date: 3/3/2022 no-loc: ["Blazor Hybrid", Home, Privacy, Kestrel, appsettings.json, "ASP.NET Core Identity", cookie, Cookie, Blazor, "Blazor Server", "Blazor WebAssembly", "Identity", "Let's Encrypt", Razor, SignalR] uid: security/authentication/google-logins --- @@ -14,40 +14,32 @@ By [Valeriy Novytskyy](https://github.com/01binary) and [Rick Anderson](https:// This tutorial shows you how to enable users to sign in with their Google account using the ASP.NET Core project created on the [previous page](xref:security/authentication/social/index). -## Create a Google API Console project and client ID - -* Add the [Microsoft.AspNetCore.Authentication.Google](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.Google) NuGet package to the app. +## Create the Google OAuth 2.0 Client ID and secret * Follow the guidance in [Integrating Google Sign-In into your web app](https://developers.google.com/identity/sign-in/web/sign-in) (Google documentation). - * Go to [Google API & Services](https://console.cloud.google.com/apis). +* A **Project** must exist first, you may have to create one. Once a project is selected, enter the **Dashboard**. -* A **Project** must exist first, you may have to create one. Once a project is selected, you will enter the **Dashboard**. - -* In the **Oauth consent screen** of the **Dashboard**: +* In the **Oauth consent screen** of the **Dashboard**: * Select **User Type - External** and **CREATE**. * In the **App information** dialog, Provide an **app name** for the app, **user support email**, and **developer contact information**. * Step through the **Scopes** step. * Step through the **Test users** step. * Review the **OAuth consent screen** and go back to the app **Dashboard**. - * In the **Credentials** tab of the application Dashboard, select **CREATE CREDENTIALS** > **OAuth client ID**. - * Select **Application type** > **Web application**, choose a **name**. - * In the **Authorized redirect URIs** section, select **ADD URI** to set the redirect URI. Example redirect URI: `https://localhost:{PORT}/signin-google`, where the `{PORT}` placeholder is the app's port. - * Select the **CREATE** button. - * Save the **Client ID** and **Client Secret** for use in the app's configuration. - * When deploying the site, either: * Update the app's redirect URI in the **Google Console** to the app's deployed redirect URI. * Create a new Google API registration in the **Google Console** for the production app with its production redirect URI. ## Store the Google client ID and secret +Add the [`Microsoft.AspNetCore.Authentication.Google`](https://www.nuget.org/packages/Microsoft.AspNetCore.Authentication.Google) NuGet package to the app. + Store sensitive settings such as the Google client ID and secret values with [Secret Manager](xref:security/app-secrets). For this sample, use the following steps: 1. Initialize the project for secret storage per the instructions at [Enable secret storage](xref:security/app-secrets#enable-secret-storage).