Google oauth reverse proxy

Hi all,

I am not a developer, so… sorry for the silly questions about a Google product!

I followed the great guide Chris Castel made here.

The reverse proxy with Google authentication works great and takes me to my private service, however there is a specific issue with how Google have implemented “test users” and unpublished apps.

Long story short, a workaround to this is to request a “consent” to a restricted Google API (in the solution example I’m following this is the Calendar API)

My question is:

In the Render Web Service settings that runs my oAuth reverse proxy, is there a way for me to replicate the solution as shown in the Supabase example below and pass a “prompt” and “scope” variable when interacting with the Google oAuth service?




Those wouldn’t be Render settings, but the configuration of the OAuth2-Proxy project the blog post utilizes.

The screenshot references queryParams. Maybe that is a similar feature that was added OAuth2-Proxy in version 7.3.0? Changelog (the forked blog post example repo uses 7.2.1)


For anyone else looking for the solution to this problem it was to:

  1. create a “oauth2_proxy.cfg” file in the main directory on github

  2. add this line to that cfg file:
    scope = "profile email"

  3. add this line to the bottom of the DOCKERFILE in the main directory on github:

ENTRYPOINT [ "sh", "-c", "/bin/oauth2-proxy --config=/etc/oauth2_proxy.cfg --upstream=http://${UPSTREAM}" ]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.