Configure your App Service app to use Google login

This topic shows you how to configure Azure App Service to use Google as an authentication provider.

To complete the procedure in this topic, you must have a Google account that has a verified email address. To create a new Google account, go to accounts.google.com.

Register your application with Google

  1. Follow the Google documentation at Google Sign-In for server-side apps to create a client ID and client secret. There's no need to make any code changes. Just use the following information:

    • For Authorized JavaScript Origins, use https://<app-name>.azurewebsites.net with the name of your app in <app-name>.
    • For Authorized Redirect URI, use https://<app-name>.azurewebsites.net/.auth/login/google/callback.
  2. Copy the App ID and the App secret values.

    Important

    The App secret is an important security credential. Do not share this secret with anyone or distribute it within a client application.

Add Google information to your application

  1. In the Azure portal, go to your App Service app.

  2. Select Settings > Authentication / Authorization, and make sure that App Service Authentication is On.

  3. Select Google, then paste in the App ID and App Secret values that you obtained previously. Enable any scopes needed by your application.

  4. Select OK.

    App Service provides authentication but doesn't restrict authorized access to your site content and APIs. For more information, see Authorize or deny users.

  5. (Optional) To restrict site access only to users authenticated by Google, set Action to take when request is not authenticated to Google. When you set this functionality, your app requires that all requests be authenticated. It also redirects all unauthenticated requests to Google for authentication.

    Caution

    Restricting access in this way applies to all calls to your app, which might not be desirable for apps that have a publicly available home page, as in many single-page applications. For such applications, Allow anonymous requests (no action) might be preferred so that the app manually starts authentication itself. For more information, see Authentication flow.

  6. Select Save.

You are now ready to use Google for authentication in your app.

Next steps