Google: Permission denied to generate login hint

Question

I am trying to create a Google sign-in and getting the error:

Permission denied to generate login hint for target domain

Request Details

• redirect_uri=https://www.DOMAIN_FOR_REDIRECT.com/main-page/
• response_type=permission id_token
• scope=email profile openid
• openid.realm=
• client_id=XXXXXX.apps.googleusercontent.com
• ss_domain=https://www.SOURCE_DOMAIN_WITH_GOOGLE_BUTTON.com
• fetch_basic_profile=true
• siwebsdk=2

Domains

• https://www.DOMAIN_FOR_REDIRECT.com/main-page/
• https://www.SOURCE_DOMAIN_WITH_GOOGLE_BUTTON.com added to

Authorized JavaScript origins

There is no restrictions for redirect_uri in docs https://developers.google.com/identity/protocols/OAuth2UserAgent#request-parameter-redirect_uri

https://developers.google.com/identity/sign-in/web/reference#gapiauth2clientconfig

Auth code example hosted on domain https://www.SOURCE_DOMAIN_WITH_GOOGLE_BUTTON.com :

gapi.auth2
    .init({
        client_id: `XXXXXX.apps.googleusercontent.com`,
        scope: 'profile',
        ux_mode: 'redirect',
        redirect_uri: 'https://www.DOMAIN_FOR_REDIRECT.com/main-page/'
    })

Answer 1

I do not see ux_mode anywhere in the docs you provided.

In the docs on gapi.auth2 ClientConfig I can see the variables you refer to. This question sheds some light on the fact that the URI must be a full URL, but you can work some magic to get the ip address to work on private network.

Can you verify that you've added your URL to your authorized JavaScript origins, as noted here?