Get started
Back to Integrations

Google Auth

One-click "Sign in with Google" for your app's end-users — fully managed by Pentoggle

Overview

Let your app's users log in with their Google account using a familiar one-click flow. Pentoggle sets up the entire OAuth pipeline — sign-in button, token exchange, session management — so you don't have to register a Google Cloud project, manage client secrets, or wire up redirect URIs.

What it supports

  • One-click Google sign-in — users tap "Sign in with Google" and they're in
  • Automatic profile data — name, email, and avatar are pulled from the Google account and stored on the user record
  • Session management — users stay signed in across visits with secure server-side sessions
  • Works alongside email/password — offer both methods, or use Google as the only login option
  • Account linking — if a user signs up with email/password first and later signs in with Google using the same verified email, the accounts are merged into one

Example prompts

"Let users log in with their Google account."

"Add Google sign-in as the only login method."

"Support both email/password and Google login on the
same sign-in page."

Setup (none required)

Google Auth is fully managed by the platform. There's nothing for you to set up:

  • No Google Cloud Console project to register
  • No OAuth client ID or client secret to paste
  • No redirect URI to configure
  • No third-party developer account to maintain

Just ask the agent in chat to add Google sign-in and the sign-in button appears on your app's login page immediately.

Fully managed: Pentoggle holds a single Google OAuth client for the platform and routes all sign-ins through it. Your app code never touches client secrets.

How it works

  1. A user clicks Sign in with Google on your app's login page
  2. The browser is redirected to Google's consent screen, branded with the Pentoggle platform identity
  3. The user approves and Google issues an authorization code back to Pentoggle's callback endpoint
  4. Pentoggle exchanges the code for tokens server-side, reads the user's name/email/avatar, and signs them in to your app
  5. If a matching user already exists in your app's database (by verified email), the accounts are linked; otherwise a new user record is created
  6. A secure session cookie is set and the user lands on your app's signed-in landing page

Limitations

  • Platform-branded consent screen — because Pentoggle holds the OAuth client, Google's consent screen shows the Pentoggle name, not your app's brand. For full branding control you'd need a per-app OAuth client (not currently supported)
  • Unverified-email Google accounts — Pentoggle refuses to auto-link or auto-create an account when Google reports the email as unverified (rare but possible for some workspace accounts)
  • One Google identity per app user — a single user record can be linked to at most one Google account; linking a second account replaces the first
  • No Google APIs beyond profile — this integration is for sign-in only. Reading Gmail, Calendar, Drive, etc. on the user's behalf is a separate integration not currently available

Troubleshooting

  • "Sign in with Google" button missing — confirm you asked the agent to add Google sign-in; the button only appears once the integration is wired in. Ask in chat: "add Sign in with Google to the login page"
  • User signs in but lands on the wrong page — describe the desired post-login destination to the agent (e.g., "after Google sign-in, send users to /dashboard")
  • Existing email/password user can't use Google sign-in — the email on the Google account must match the existing app account exactly, and Google must report it as verified
  • Google blocks the sign-in — this almost always means the user's Google Workspace admin has restricted third-party OAuth. The user needs to contact their admin or use a different account