Error: Access Denied During Google Social Login with Web3Auth

benoit.marcot · February 18, 2025, 3:25pm

I’m encountering an error on the Web3Auth loading page when attempting to log in using Google social login. Although the login and key reconstruction ultimately succeed, I’d like to understand the cause of this issue. This problem started today, and I hadn’t noticed it before.

Error message:

Here is the formatted JSON:

```json
[
  {
    "errorMsg": "access_denied",
    "errorStack": "Error: access_denied\n    at wt (https://auth.web3auth.io/v9/assets/index-DTyerrT2.js:2:2549)\n    at https://auth.web3auth.io/v9/assets/index-DTyerrT2.js:2:10940",
    "title": "Mount Error",
    "createdAt": "2025-02-18T15:32:11",
    "info": {
      "customAuthState": {
        "client": "BCf********DRYABM",
        "currentLoginProvider": "google",
        "popupWindow": "false",
        "whiteLabel": "{\"mode\":\"light\"}",
        "keyMode": "1/1",
        "loginId": "5207****f9b",
        "sessionNamespace": "",
        "socialFactorFlow": "",
        "version": "9",
        "instanceId": "2wids****",
        "verifier": "google-core-verifier",
        "typeOfLogin": "google",
        "redirectToOpener": false
      },
      "customAuthArgs": {
        "typeOfLogin": "google",
        "verifier": "google-core-verifier",
        "clientId": "31****.apps.googleusercontent.com",
        "jwtParams": {
          "prompt": "consent select_account"
        },
        "customState": {
          "client": "BCf0****DRYABM",
          "currentLoginProvider": "google",
          "popupWindow": "false",
          "whiteLabel": "{\"mode\":\"light\"}",
          "keyMode": "1/1",
          "loginId": "5207****85f9b",
          "sessionNamespace": "",
          "socialFactorFlow": "",
          "version": "9"
        }
      },
      "customAuthError": "access_denied",
      "customAuthHashParams": {
        "error": "access_denied",
        "state": "eyJjbGllbnQiOiJ****"
      }
    }
  }
]

w3abot · February 18, 2025, 3:26pm

Hi Benny,

Thanks for reaching out and providing such detailed information! Let’s address the issue you’re facing with Google social login.

From your message, it seems that you’re experiencing an “access_denied” error during Google social login with the Plug n Play SDK on the Web3Auth platform. Here’s a quick summary of the details you’ve shared:

SDK: Web3Auth Plug n Play
Issue: Access Denied during Google Social Login
Error Message: JSON Error with “access_denied”
Verifier: google-core-verifier
Type of Login: Google

Given that the login and key reconstruction eventually succeed, this could be an intermittent permissions error or an issue with the configuration for Google in your Web3Auth instance.

To further investigate and resolve this, please consider:

Check Google Cloud Console: Ensure that your Google client ID (clientId: "31****.apps.googleusercontent.com") has the necessary permissions and is correctly set up in your Google Cloud Console. The scopes requested should match those configured in your Web3Auth.
Review Web3Auth Configuration: Double-check the verifier configuration in your Web3Auth setup to ensure it matches your Google credentials.
JavaScript Console: Review your browser’s console for any additional error messages or hints. The screenshot you provided also shows the error stack trace, which might be useful in debugging.

If you continue to face this issue, please don’t hesitate to provide additional information, and our support team will be glad to help further.

Feel free to ask if you have more questions or need further assistance!

Note: This response was generated by an AI bot and may require further verification. The Web3Auth support team has tracked this issue and will be responding as soon as possible.

Additionally, we would recommend you to join our biweekly Office Hours to get this resolved even faster. Web3Auth Developer Office Hours

benoit.marcot · February 18, 2025, 5:58pm

I have double-checked the items mentionned above; they are all correct.

shahbaz · February 19, 2025, 7:19am

Hey @benoit.marcot

Kindly share the init and login code.

Ayush · February 19, 2025, 7:41am

Adding to @shahbaz

If you were using the Sapphire Devnet, sorry for the inconvience. We were updating our Devnet which might have caused the issue. The timeframe of the issue on Devnet was from 4:00 PM SGT to 6:30 PM SGT. Can you please check if it works now.

If you were not on Sapphire Devnet, please share the login code snippet so we can debug more

benoit.marcot · February 19, 2025, 9:52am

@Ayush this happened on Sapphire Mainnet.
Find the init code below; it’s a copy/paste from the docs AFAIK.
I cannot reproduce the error; nonetheless I’d like to understand what has caused this error message.

const Providers = ({
  children,
}: Readonly<{
  children: React.ReactNode;
}>) => {
  const chainConfig = {
    chainNamespace: CHAIN_NAMESPACES.EIP155,
    chainId: "0x" + base.id.toString(16),
    rpcTarget: base.rpcUrls.default.http[0], // This is the public RPC we have added, please pass on your own endpoint while creating an app
    displayName: base.name,
    tickerName: base.nativeCurrency?.name,
    ticker: base.nativeCurrency?.symbol,
    blockExplorerUrl: base.blockExplorers?.default.url,
  };

  const privateKeyProvider = new EthereumPrivateKeyProvider({
    config: { chainConfig },
  });

  const web3AuthOptions: IWeb3AuthCoreOptions = {
    clientId: process.env.NEXT_PUBLIC_WEB3AUTH_CLIENT_ID!,
    web3AuthNetwork: WEB3AUTH_NETWORK.SAPPHIRE_MAINNET,
    privateKeyProvider,
  };

  const authAdapter = new AuthAdapter({
    loginSettings: {
      mfaLevel: MFA_LEVELS.NONE, // default, optional, mandatory, none
    },
    adapterSettings: {
      uxMode: UX_MODE.REDIRECT,
      redirectUrl:
        process.env.NEXT_PUBLIC_VERCEL_ENV && process.env.NEXT_PUBLIC_VERCEL_ENV == "production"
          ? "https://app.upsave.io/home?logging=true"
          : process.env.NEXT_PUBLIC_VERCEL_URL
          ? `https://${process.env.NEXT_PUBLIC_VERCEL_URL}/home?logging=true`
          : "http://localhost:3000/home?logging=true",
      loginConfig: {
        google: {
          // name: "Name of your choice",
          verifier: "google-core-verifier",
          typeOfLogin: "google",
          clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID!,
        },
        email_passwordless: {
          verifier: "email-passwordless-core-verifier",
          typeOfLogin: "email_passwordless",
          clientId: process.env.NEXT_PUBLIC_WEB3AUTH_CLIENT_ID!,
        },
      },
    },
  });

  const coinbaseAdapter = new CoinbaseAdapter({
    sessionTime: 3600, // 1 hour in seconds
    adapterSettings: {
      // appName: "Upsave",
      // appLogoUrl: "",
      options: "smartWalletOnly",
    },
  });

  const injectedAdapters = getInjectedAdapters({
    options: { ...web3AuthOptions, chainConfig },
  });

  const config = {
    web3AuthOptions,
    adapters: [authAdapter, coinbaseAdapter, ...injectedAdapters],
  };

  return (
    <Web3AuthProvider config={config}>
      <WalletClientProvider>{children}</WalletClientProvider>
    </Web3AuthProvider>
  );

 const loginGoogle = async () => {
    await connectTo<AuthLoginParams>(WALLET_ADAPTERS.AUTH, {
      loginProvider: "google",
    });
  };

Ayush · February 20, 2025, 5:24am

Hey @benoit.marcot thanks for confirmation, I’ll discuss with the team and get back to you.

Ayush · February 20, 2025, 3:55pm

Hey @benoit.marcot just an update, the issue can come when user cancels the social OAuth (in this case, google) and the OAuth provider redirects to auth service with the error. Hope this helps.

system · February 22, 2025, 3:55pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.