• Resolved helen35

    (@helen35)


    Hi there,
    I have set up the plugin and added as whitelisted domains the one from my company (we using Google Workspace). Unfortunately when someone does not have the company account registered in the browser Google automatically tries to login with the Gmail one, giving out the 403 error

    Error 403: org_internal
    This client is restricted to users within its organization.

    Is it possible to force users to choose an account and if they don’t have the one from company forcing them to log in with that account?

    On stackoverflow I found this discussion and there seems to be a solution. This is the text from the response:

    `The reason for this error is indeed because the Application type is set to “internal”. But setting it to public is not always the right answer…

    Add “&prompt=select_account” to the authentication url. This will force the user to select the correct (organization-)account.

    Without the parameter, Google tries to show the consent screen for the logged in Google-account, but as it is not an organization-account it will just display the 403 page without giving the user this choice.

    https://developers.google.com/identity/protocols/OpenIDConnect#prompt`

    Is it something possible from my side? I’m using the shortcode [google_login] to show the login form.

    Thank you so much in advance

Viewing 7 replies - 1 through 7 (of 7 total)
Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Errore 403: org_internal’ is closed to new replies.