# Google

This guide will help you set up Google OAuth authentication for your DataSpace application.

{% hint style="info" %}
Prerequisites

* A Google Cloud Platform account
* Access to the Google Cloud Console
  {% endhint %}

{% stepper %}
{% step %}

### Create a Google Cloud Project

* Go to the [Google Cloud Console](https://console.cloud.google.com/)
* Create a new project or select an existing one
* Note down your project ID
  {% endstep %}

{% step %}

### Enable Google+ API

* In the Google Cloud Console, go to "APIs & Services" > "Library"
* Search for "Google+ API" and enable it
* Alternatively, you can use the newer Google Identity API
  {% endstep %}

{% step %}

### Create OAuth 2.0 Credentials

* Go to "APIs & Services" > "Credentials"
* Click "Create Credentials" > "OAuth 2.0 Client IDs"
* Choose "Web application" as the application type
* Configure the OAuth consent screen if prompted
  {% endstep %}

{% step %}

### Configure OAuth Client

* Authorized JavaScript origins:
  * Add your frontend URL (e.g., `https://yourdomain.com`)
* Authorized redirect URIs:
  * Add your backend callback URL: `https://yourdomain.com/api/auth/google-callback`
    {% endstep %}

{% step %}

### Get Your Credentials

After creating the OAuth client, you'll get:

* Client ID (looks like: `123456789-abcdefg.apps.googleusercontent.com`)
* Client Secret (looks like: `GOCSPX-abcdefghijklmnopqrstuvwxyz`)
  {% endstep %}

{% step %}

### Configure Environment Variables

Add the following environment variables to your application:

{% code title=".env" %}

```bash
GOOGLE_CLIENT_ID=your_google_client_id_here
GOOGLE_CLIENT_SECRET=your_google_client_secret_here
```

{% endcode %}
{% endstep %}
{% endstepper %}

## Additional Resources

* [Google OAuth 2.0 Documentation](https://developers.google.com/identity/protocols/oauth2)
* [Google Identity Platform](https://developers.google.com/identity)
* [OAuth 2.0 Security Best Practices](https://tools.ietf.org/html/draft-ietf-oauth-security-topics)