with Google Error - {"error": "invalid_client", "error_description": "Unauthorized" }

access_time 5 months ago visibility97 comment 0

Sign-in with social accounts like Google, Microsoft, Twitter and Facebook accounts are very commonly used in websites to allow website users to logon easily without registering an separate account.

Issue summary

During the implementation of Kontext Google sign-in function, I encountered an error:

Exception: An error was encountered while handling the remote login.

And the details look like the following:

An unhandled exception occurred while processing the request.

Exception: OAuth token endpoint failure: Status: Unauthorized;Headers: Vary: X-Origin, Referer, Origin,Accept-Encoding
Date: Wed, 10 Jun 2020 09:39:00 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Transfer-Encoding: chunked
;Body: {
"error": "invalid_client",
"error_description": "Unauthorized"

Unknown location

Exception: An error was encountered while handling the remote login.


I have been following exactly the following page to implement this function:

Google external login setup in ASP.NET Core

All the Google API credential and consent screen are setup correctly too. 


  • ASP.NET Core 3.1.4
  • Microsoft.AspNetCore.Authentication.Google 3.1.4

Solution to fix this error

After a lot of searching on the websites, I could not fix this issue. And then I revisited my code again:

AddGoogle(options =>
                    options.ClientId = Configuration["Authentication:Google:ClientId"];
                    options.ClientSecret = Configuration["Authentication:Google:ClientId"];

As you can see in the above code snippet, Google authentication service is setup using ClientId and ClientSecret from configurations (can be environment variables, secret manager, application settings, etc.). 

However there was a type for ClientSecret as the configuration value should be definitely from ClientID settings. Thus to fix this issue, I just need to change the value to the following:

AddGoogle(options =>
                    options.ClientId = Configuration["Authentication:Google:ClientId"];
                    options.ClientSecret = Configuration["Authentication:Google:ClientSecret"];
I made a very simple mistake which cost me a few hours to fix it. So if you encounter similar error, please make sure you have configured the ClientID and ClientSecret for Google OAuth correctly. And also make sure these two values match exactly with the values in your Google Developer or Google Cloud Console settings.

copyright This page is subject to Site terms.
Like this article?
Share on

Please log in or register to comment.

account_circle Log in person_add Register

Log in with external accounts

Want to publish your article on Kontext?

Learn more

Kontext Column

Created for everyone to publish data, programming and cloud related articles.
Follow three steps to create your columns.

Learn more arrow_forward

More from Kontext

local_offer core local_offer core 3 local_offer C#

visibility 218
thumb_up 0
access_time 2 months ago

This page summarize information about how to retrieve client and server IP address in ASP.NET core applications.  Client IP address can be retrieved via HttpContext.Connection object. This properties exist in both Razor page model and ASP.NET MVC controller. Property  RemoteIpAddress ...

local_offer core 2 local_offer core local_offer dotnetcore local_offer open-banking

visibility 266
thumb_up 0
access_time 2 years ago

I’ve just started an core 2.2 based implementation for Australia Consumer Data Standards (published by Data 61). Opening Banking initiative will follow these standards. The purpose is to help you to get familiar with these standards, especially the APIs that need to be implemented. The ...

Run .NET 5 on Azure App Services

local_offer .NET local_offer Azure local_offer core

visibility 10
thumb_up 0
access_time 6 days ago

.NET 5 RC2 was released on 2020-10-13. On Azure, you can only select .NET Core 3.1 or 2.1 LTS versions as runtime stack when creating web app as the following screenshot shows.   This will stay as is till .NET 5 official release. However, you can use extensions to run your .NET 5 ...

About column

Articles about ASP.NET Core 1.x, 2.x and 3.x.

rss_feed Subscribe RSS