S SeoJama
Start free

Google OAuth Setup — SeoJama

Updated June 18, 2026

One Google Cloud OAuth client powers both Login with Google and the workspace Search Console / Analytics integrations. Do this in the Seojama project under terraliberia@gmail.com.

1. Enable the APIs

In the Cloud Console → APIs & Services → Library, enable all three:

  • Google Search Console API
  • Google Analytics Data API (GA4 reporting)
  • Google Analytics Admin API ← required: the property picker lists GA4 properties via the Admin API (analyticsProperties() in GoogleOAuthService).

APIs & Services → OAuth consent screen

  • User type: External
  • App name: SeoJama, plus user-support email and developer contact email.
  • Scopes — add: openid, email, profile, .../auth/webmasters.readonly, .../auth/webmasters, .../auth/analytics.readonly.
  • Publishing status: while in Testing, add every account that will sign in (e.g. terraliberia@gmail.com) under Test users, or only test users can log in. Publish to Production when you're ready for public sign-ups.

3. Create the OAuth client

APIs & Services → Credentials → Create credentials → OAuth client ID

  • Application type: Web application
  • Name: SeoJama Web
  • Authorized redirect URIs — add both:
    • https://seojama.test/auth/google/callback (Login with Google)
    • https://seojama.test/integrations/google/callback (GSC / GA4)
    • Add your production equivalents later, e.g. https://app.seojama.com/....

Heads-up on .test: Google sometimes rejects non-public TLDs like .test for redirect URIs. If it won't accept https://seojama.test/..., either test against http://localhost:8000/... (run php artisan serve and set APP_URL accordingly) or register your real production domain.

4. Wire the credentials into the app

Copy the Client ID and Client secret into .env:

GOOGLE_CLIENT_ID=xxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=xxxx
GOOGLE_REDIRECT_URI="${APP_URL}/integrations/google/callback"
GOOGLE_LOGIN_REDIRECT_URI="${APP_URL}/auth/google/callback"

Then:

php artisan migrate          # adds google_id / avatar, makes password nullable
php artisan config:clear
php artisan route:list --name=google   # confirm auth.google.* + integrations.google.*

The "Continue with Google" button auto-shows on the login/register pages once GOOGLE_CLIENT_ID and GOOGLE_LOGIN_REDIRECT_URI are set.

How login behaves

  • Sign-in requests only openid/email/profile — never the GSC/GA4 scopes.
  • Matches an existing user by google_id, then by email (linking Google to a prior local account), otherwise creates a verified account with no password.
  • Honors a pending anonymous SEO scan, same as email sign-up.
More Account & Billing