Child pages
  • Google Login Plugin
Skip to end of metadata
Go to start of metadata

Plugin Information

View Google Login on the plugin site for more information.

Older versions of this plugin may not be safe to use. Please review the following warnings before using an older version:

Google Login Plugin

This is a Jenkins plugin which lets you login to Jenkins with your Google account. Also allows you to restrict access to accounts in a given Google Apps domain.

To use this plugin, you must obtain OAuth 2.0 credentials from the Google Developers Console. These don't need to belong to a special account, or even one associated with the domain you want to restrict logins to.

Instructions to create the Client ID and Secret:

  1. Login to the Google Developers Console
  2. Create a new project
  3. Under APIs & Auth -> Credentials, Create a new Client ID
  4. The application type should be "Web Application"
  5. The authorized redirect URLs should contain JENKINS_ROOT_URL/securityRealm/finishLogin
  6. Enter the created Client Id and secret in the Security Realm Configuration


Version 1.3 (November 21st, 2016)
  • Feature: Allow multiple domains separated by comma (pull #3)
  • Fix: JENKINS-37749 - Disable autocomplete on clientId and clientSecret
  • Fix: JENKINS-33286 - Redirect to a logged out page
Version 1.2.1 (November 2nd, 2015)
  • Fix: JENKINS-30965 - Error when browsing user configuration page.
Version 1.2 (October 12, 2015)
  • Fix: SECURITY-208 - CVE-2015-5298 - The Google Login Plugin (versions 1.0 and 1.1) allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification.


  1. i would like to know if its possible after password update on Google acc ... to update it everywhere its configured in Jenkins ... 

    currently i have more than 50 jobs that using it ... doing them 1-by-1 is pretty stupid

  2. I migrated from OpenID plugin to Google Login plugin today and I had to add this extra step:

    3. Under API & Auths / 'Consent Screen', filled up the data, in particular the email of the user

    If not I got

    Error: invalid_client
    no support email

    from Google when trying to log in. Should I just update the doc and add one step ?

  3. Hello, 

    I have an issue with this Plugin, we are disconnected quickly from our session on Jenkins. Is there a way to keep it more longer? 

    Where i can configure it? 


  4. This plugin will be improved to use the login page of jenkins (jenkin-url/login) ?

    We could choose to be logged since google authentication or the one of jenkins.

  5. Also if we are already logged with a google account and if we call the following url : myjenkinsurl/login, we should be redirected to the home page of jenkins when we are already loggued.

  6. Can I used this to authenticate my 'Internal' Jenkins environment? I would like the authorized redirect URL to be - ''. Is this even an option?

  7. What do you do with the client-secret.json file?

    Jenkins needs to have this file, but I don't want to check it into github.

  8. Is the domain verification mandatory?

    If the consent screen is mandatory, then the documentation should be updated.

    I installed this plugin and after restarting Jenkins, the server isn't accessible anymore. Nothing in the logs.

  9. Hi,

    I got the issue with latest version of "google login plugin" if case of selecting the domain to login. If we keep this files empty then it's working fine.

    seems older version "1.1" is working fine after giving the domain.

  10. This plugin allows users from only one domain. We have users from couple of domains accessing jenkins. Is there any way to do this? 

  11. After setting up the plugin, I logged in on Google's page and got this exception when coming back to Jenkins at http://.../securityRealm/finishLogin:

    What's happening?

    1. I'm seeing the same issue and stacktrace.

  12. Is anyone seeing an error when trying to access jenkins and seeing the following 400 error:

    "Invalid parameter value for redirect_uri: Raw IP addresses not allowed:"?

    I'm accessing jenkins using the assigned dns name, but the redirect uses the IP address. Any ideas on how to make the redirect use the dns name?

    1. Issue resolved. Was a problem with my Jenkin's configuration. The Jenkins URL needed to be set to use the domain name. 

      Jenkins -> Manage Jenkins -> Configure System -> Jenkins URL