Google Sign-in configuration

Configure Google Sign-In (OAuth 2.0 Client ID) and connect it to The Wallet Crew social sign-in.

Use this when you want to enable the Google button in an enrolment form.

Start with Social sign-in to understand the user flow. Then come back here for the provider setup.

Overview

What you’ll set up

A Google OAuth 2.0 Client ID.
Authorized JavaScript origins for your enrolment form domains.
The Client ID stored in The Wallet Crew admin console.

Prerequisites

Access to your brand’s Google Cloud Console project.
Permission to create OAuth 2.0 Client IDs.
The list of domains where your enrolment forms will run (prod + staging + dev + custom).

Open Credentials

Open the Google Cloud Console Credentials page:

Google Credential page

Create a Web application OAuth client

Click Create credentials → OAuth client ID.
Choose application type: Web application.
Set a name. Example: neostore login.

Configure origins

Add Authorized JavaScript origins for every domain you will use.

https://app.neostore.cloud
https://app-qa.neostore.cloud
https://app-dev.neostore.cloud
Any custom domain you use for enrolment forms (add the exact origin).

Leave Authorized redirect URIs empty.

Google Sign-In for web uses the Client ID. It’s safe to paste it in the admin console.

Do not share any Google client secret. You should not need one for this flow.

Configure Google in The Wallet Crew

Open Social logins → Google in the admin console.

Social logins -> Google

The Wallet Crew - Google Social Sign In configuration

Paste the Client ID from Google.
Save.

Enable Google on your enrolment form

Enable the provider in the enrolment form settings.

Go into advanced configuration -> Layout Open the layout you want to activate social sign-in on and add these lines

signinOptions:
  providers:
    - type: android
      displayProps:
        isMobile: true
        isAndroid: true

For more information see Enrolment form.

FAQ

Do we need a Google client secret?

No. This setup uses the Google Client ID only.

If you see a client secret in Google Cloud Console, don’t paste it anywhere in Wallet Crew.

Should we configure “Authorized redirect URIs” in Google?

No. Leave Authorized redirect URIs empty for this flow.

If you add redirect URIs, it usually doesn’t help. It can also confuse debugging later.

What exactly must be added as an “Authorized JavaScript origin”?

Add the origin only: scheme://host (and port if you use one).

Examples:

✅ https://app.neostore.cloud
✅ https://brand.example.com
❌ https://app.neostore.cloud/molia/mobile (paths are not allowed)

We use a custom domain. What should we do?

Add your custom domain as an Authorized JavaScript origin in Google Cloud Console.

Use the exact domain users see in the browser. Example: https://wallet.brand.com.

Why do we list prod, QA, and dev origins?

Google validates the origin at runtime.

If a user hits QA but only prod is configured, Google rejects the sign-in.

Where do we enable the Google button in the user journey?

Provider setup is not enough. You must also enable Google on the enrolment form.

See Social sign-in and Enrolment form.

Last updated 1 month ago

hashtagOverview

hashtagWhat you’ll set up

hashtagPrerequisites

hashtagConfigure Sign in with Google

hashtagOpen Credentials

hashtagCreate a Web application OAuth client

hashtagConfigure origins

hashtagConfigure Google in The Wallet Crew

hashtagEnable Google on your enrolment form

hashtagFAQ