Google Authentication
Authentication · 8 articles
Can I switch between "managed" and "your own credentials" later?
Yes, you can switch authentication methods later. If you start with Lovable-managed auth and want to switch to your own credentials, you'll need to configure a Google OAuth app in Google Cloud Console and update the credentials in Supabase Authentication → Providers → Google. Existing user sessions will continue to work, but new sign-ins will use the new credentials.
Consent screen issues
If users see Google's consent screen unexpectedly, it's usually because the OAuth consent screen in Google Cloud Console hasn't been fully configured or published. Verify your app name, logo, and scopes are set in Google Cloud Console, then test in an incognito window to see the fresh consent flow. If using Lovable-managed Google auth, these details are handled for you automatically.
Do I need to configure Google Cloud Console when using "Managed by Lovable" setup?
No, with Lovable-managed Google authentication, Lovable handles the Google Cloud Console setup for you. You don't need to create an OAuth app or manage credentials yourself. If you choose to use your own credentials instead, then you'll need to set up a project in Google Cloud Console, create OAuth credentials, and provide the Client ID and Secret to Supabase.
Do users see the Google consent screen every time they sign in?
No, users typically see the consent screen only once—the first time they sign in with Google. After they consent, their browser stores the OAuth token and they sign in immediately on subsequent visits. If you deploy to a new domain or change scopes, users may see the consent screen again.
Is the Lovable-managed Google authentication available for all Lovable apps?
Lovable-managed Google authentication is available as a feature, but you can also choose to use your own Google OAuth credentials through Supabase's standard setup. With Lovable-managed authentication, Lovable handles the Google Cloud Console configuration for you—no need to set up your own OAuth app. You can switch between managed and your own credentials anytime.
Should I use the managed by Lovable option or my own credentials?
Use Lovable-managed authentication if you want a quicker setup with no Google Cloud Console configuration. Use your own credentials if you need specific control over OAuth settings, multiple apps sharing one Google project, or custom consent screen messaging. Both approaches are equally secure—choose based on your preference for convenience vs. control.
What information does Google share with my app?
Google shares the user's basic profile information through OAuth, including email, name, and profile picture (if the scope includes it). The exact data depends on which scopes you request when prompting Lovable to add authentication. You can control what Supabase requests—common scopes are email and profile. Google's privacy policy governs how their data is handled.
Wrong OAuth client type
You need an OAuth 2.0 Web Application client, not a Desktop or Mobile client. In Google Cloud Console, go to Credentials → Create Credentials → OAuth 2.0 Client ID and select Web Application. Add your redirect URIs (like http://localhost:3000/auth/callback and your production domain), then copy the Client ID and Secret to Supabase Authentication → Providers → Google.
