invalid_client in google oauth2

Question

I try to make a web page for youtube video upload, therefore I try to get the client id from google api console, and in the api console it shows something like this:

Client ID: 533832195920.apps.googleusercontent.com
Redirect URIs: http://bobyouku.ap01.aws.af.cm/testyoutube.php
https://developers.google.com/oauthplayground

However when I try to test my account using the following URL:

https://accounts.google.com/o/oauth2/auth?client_id=533832195920.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Fbobyouku.ap01.aws.af.cm%2Ftestyoutube.php&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fyoutube&response_type=code&access_type=offline

It gives out the result of invalid_client. Even when I try it on oauth2 playground, same fail occurs

So anyone knows what's happen?

Answer 1

Although your question doesn't have that issue. but I encountered somewhat a similar issue and that's why I found an another solution which will be helpful to others.

when we first create the credentials, the client ID contains the http:// before the actual client ID. If we directly paste the hyperlink, which will be in the form of 'http://*******.apps.googleusercontent.com', it will generate the same error. So remove the extra http:// part from the client ID, and you will be good to go. also one can again go to the credentials > project and see the actual client ID without http there. : )

Answer 2

The solution that worked for me was to remove the ' single quotes and remove additional spaces at the end of the client id and secret in the .env file

Answer 3

this could also be because of not using https url.

In other words,this only works with https. It works with http only in localhost

Answer 4

After copy values from Google web UI, I had a blank space for:

• client_id
• secret

And at the BEGINNING and at the END for both.

This happens even when clicking on the "copy" button.

Answer 5

I wish I had seen this post before, because there are a lot of things I had to find out trial and error. A lot can go wrong with this. Here's another issue I had:

Whe you specify the Authorised Javascript origins or Authorised redirect URIs, make sure to include your domain with and without www. So https://google.com and https://www.google.com

Also I had uploaded an Application logo. Because of that, the consent screen required a review... which takes forever. Don't upload an Application logo, or be very patient.

Answer 6

If you are in Meteor JS, you have to use clientId instead appId:

Since facebook uses appId and google clientId.

ServiceConfiguration.configurations.upsert({
    service: "google"
}, {
    $set: {
        clientId: process.env.OAUTH_GOOGLE_APP_ID,
        loginStyle: "popup",
        secret: process.env.OAUTH_GOOGLE_SECRET
    }
});

I spent some hours to realize over that.

Answer 7

Trim the leading and trailing white space from both the client_id and client_secret. Google's copy button does not do this for you.

Set both the email address and product name fields for the OAuth consent screen.

Answer 8

If you follow the documentation, from this page https://developers.google.com/identity/sign-in/web/sign-in#specify_your_apps_client_id

you'll see

<meta name="google-signin-client_id" content="YOUR_CLIENT_ID.apps.googleusercontent.com">

But it's wrong. It should be

<meta name="google-signin-client_id" content="YOUR_CLIENT_ID">

The issue is that the '.apps.googleusercontent.com' gets added anyway. If you do it like the documentation says, you get '.apps.googleusercontent.com' twice

Answer 9

For best results make sure you have the complete details as follows:

{"client_id":"282324738-4labcgdsd4nlh34885s2d34tmi.apps.googleusercontent.com","project_id":"abcd23ss-212808","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://www.googleapis.com/oauth2/v3/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"23452-dfgdfgcdfgfd","redirect_uris":["http://localhost:6900/auth/google/callback"],"javascript_origins":["http://localhost:6900"]}

This data is always available for download as JSON from https://console.developers.google.com/apis/credentials/oauthclient/

Answer 10

Mine didn't work because I created it from a button from the documentation. I went again to the project and created another OAuthClientID. It worked. Yes, be careful about the extra spaces on right and left too.

Answer 11

Deleting client ID and creating new one a couple of times worked for me.

Answer 12

None of the following were my issue - I resolved this by opening an incognito window. Something was obviously being cached somewhere, no amount of changing auth client settings helped and there were never any trailing or leading spaces in config values.

Answer 13

I solved my problem with trim :

'google' => [
    'client_id' =>trim('client_id),
    'client_secret' => trim('client_secret'),
    'redirect' => 'http://localhost:8000/login/google/callback',
],

Answer 14

Another thing to check:

When you install the GoogleAPIs into a .Net app with NuGet, it will inject a new set of dummy values in your *.config file.

Check that any original values are still in place, and remove dummy entries.

Answer 15

I solved this by removing unnecessary quotes from my clientID and clientSecret values.

Answer 16

invalid_client can also simply means that your client ID and client secret are wrong when you create your Oauth2 object.

Answer 17

Steps that worked for me:

1. Delete credentials that are not working for you
2. Create new credentials with some NAME
3. Fill in the same NAME on your OAuth consent screen
4. Fill in the e-mail address on the OAuth consent screen

The name should be exactly the same.

Answer 18

probably old credentials are invalid

see the answer below

stackoverflow answer

or short names may work

see the answer below stackoverflow answer

or product name same as project name as answered already

at times one may include extra space in the

check twice this line so that you are redirected to the correct url

Answer 19

In my case this turned out to be something else, namely my code used an environment variable that hadn't been set properly (and stupidly wasnt checked by my code). Setting it, recompiling assets, and restarting the app did the trick.

Answer 20

I accidentally had a value in the Client Secret part of the URL, but Google Credential does not need a Client Secret for Android OAuth 2 Client IDs. Simply leaving the value blank in the URL did the trick for me.

Answer 21

in this thread i found my answer.

1. I went to google console,
2. generate a new project, made refresh, because in my case after create the page didn't reload
3. select new project
4. create a client ID
5. use it for what you need

thanks guys :D

Answer 22

At Credentials Accept requests from these HTTP referrers (web sites) (Optional) Use asterisks for wildcards. If you leave this blank, requests will be accepted from any referrer. Be sure to add referrers before using this key in production. Add . (star dot star) . It work fine for me

Answer 23

I had .apps.googleusercontent.com twice in my ID.

It was a copy and paste issue "Your ID HERE".apps.googleusercontent.com

Answer 24

Set/change your product name, I had this issue until I created a product name as same as project name.

The product name can be set in the Consent screen section of the Google Developers Console for your project. Look under APIs & auth in the left navigation and select Consent screen. You need also to set your email address in the box above the product name.

Answer 25

Setting EMAIL ADDRESS and PRODUCT NAME in the consent screen of Google developer console, solves the error "Error: invalid_client. The OAuth client was not found." for me.

Answer 26

Did the error also report that it was missing an application name? I had this issue until I created a project name (e.g. "Project X") in the project settings dialog.

Answer 27

Check your Project name on Google APIs console. you choose another project you created. I was same error. my mistake was choosing diffirent project.