Developer docs

How to enable Google OAuth authentication for Ghost Admin

Ghost can be configured to allow staff users to log in via OAuth. Some users find this login method more convenient.

OAuth integration is an alpha feature for testing purposes. You must have the enableDeveloperExperiments flag set to true to enable alpha features.

Create Google OAuth credentials

Navigate to the OAuth consent screen in the Google Developers Console, and select your project. You can use an existing project or create a new project.

Fill the App name and User support email. Use the Ghost instance URL as the Application home page, and add the Ghost instance domain in the Authorized domains field - this should be the domain Ghost Admin is served from if it’s different to the domain your main site is served from.

On the Scopes screen, add the auth/userinfo.email and auth/userinfo.profile scopes.

Navigate to Credentials and click Create Credentials to create a new OAuth client ID. Select Web application as the Application type, and add your Ghost Admin domain in Authorized JavaScript origins.

In the Authorized redirect URIs, add your Ghost Admin URL followed by /oauth/google/callback - for example https://example.ghost.io/ghost/oauth/google/callback.

Make a note of the Client ID and Client Secret provided.

Configure Google OAuth credentials in Ghost

In Ghost Admin, navigate to the Labs section in Settings and enable the Google OAuth for staff users feature.

Enter your Google Client ID and Secret to complete the configuration.