I’m having some issue with Google SSO integration. I followed the documentation provided here, which seems a bit outdated. For example, the screenshots are old than the current Google Console UI. More importantly, it says the below:
Set Authorised Redirect URI to …/lib/google/index.php
This directory lib/google/ does not exist in my installation via Softaculous. I’m on the latest version v29. The Google Developers Redirect Url (this field is non-editable) points to my-gibbon-install/login.php
However, I entered the Google Developers Client ID, Google Developers Client Secret,
Google Developers Client Name, Google Developers Redirect Url as highlighted in respective colors.
In my Google Console, I have Verified consent from Google, and no scopes added. I tried with adding the three non-sensitive scopes too (../auth/userinfo.email, …/auth/userinfo.profile, openid).
I’m getting the error, despite Google Verficication green tick for client ID and “Verified” status in Google Console "Google hasn’t verified this app
The app is requesting access to sensitive info in your Google Account. Until the developer…"
Upon inspection on the browser URL, I notice it is requesting additional scopes.
Hello everyone! I’m new here and this is my first request for assistance. I suspect there are members who have implemented Google SSO, but it seems rather quiet around here.
While I’m not a developer, I’m doing my best to support a local Sunday school with my basic tech skills. After more than a week of trying, I’ve discovered that Gibbon requires access to Google Calendar, which we might not even need. Is it possible to disable this feature in some of the code files?
I would greatly appreciate any guidance from forum members or anyone involved with Gibbon. Thank you!
The Custom API Scopes field lets you override the default scopes. If you populate that field, Gibbon will use your list instead of the built-in one (which includes the Calendar scope).
How to turn off the Calendar requirement (while keeping Google SSO)
1. Go to Home → System Admin → Third Party Settings → Edit SSO Settings (Google Integration).
2. In Custom API Scopes, enter only the standard OpenID scopes (space-separated):
openid email profile
Submit/save.
(Optional) Leave School Google Calendar ID blank so no shared calendar is pulled into timetables.
Hi @tiekubd. Appreciate your helpful suggestions. It now took me one step ahead by getting rid of the nag screen of unverified status, but now I’m getting the error “incorrect username and password.” I tried testing with two separate Google accounts. Any idea what could be causing this and how to fix this, please?
This non-profit’s Sunday school website is on a subdomain. I have the main domain as well as sub-domain verified in Google Search Console. I also have sub-domain verified for URIs and also main domain verified tick in Google Cloud Console. On my user Google account, I can actually see authorizations been given (see screenshot), but still see the username and password incorrect error.
