kirk444
commented
12 months ago I believe you can accomplish this directly with Google when you're configuring the "OAuth consent screen". There will be a field where you can specify allowed domains:
Authorized domains
When a domain is used on the consent screen or in an OAuth client’s configuration, it must be pre-registered here. If your app needs to go through verification, please go to the [Google Search Console ](https://search.google.com/search-console/about)to check if your domains are authorized. [Learn more ](https://support.google.com/cloud/answer/7650096) about the authorized domain limit.
Is your feature request related to a problem? Please describe. Many users might need to limit oauth2 login with Google to allow only our corporate email domain. By default any valid google account is able to login, including @gmail.com .
Describe the solution you'd like Add hd (hosted domain) variable to oauth configuration section. https://developers.google.com/identity/openid-connect/openid-connect#hd-param
Describe alternatives you've considered We currently use apache openidc module for login to Thruk
Additional context