Gmail OAuth blank

I’m about to lose my mind setting this OAuth setup in SuiteCRM.

I’ve setup the necessary items on Google’s Cloud Console.

I’ve setup the External OAuth Providers, selected ‘Generic’ as the Connector

Then I went ahead and setup the External OAuth Connections and chose the provider I’ve setup.

Problem is when i hit “Authenticate” it opens a pop-up but its just blank?

What am I doing wrong here? We have version Version 8.8.0 installed.
PHP 8.3.19
mysql Ver 14.14 Distrib 5.7.42

Please help

Does it support Oauth for gmail? I though it only worked with Microsoft?

I’m not sure, I thought the “Generic” option would be just for any other mail server other than Microsoft. Is there a workaround?

I’ve been using app passwords for gmail.

Hi @kth90
The blank popup usually means there’s either a browser issue or a misconfigured redirect URI.

Try checking the DevTools console (F12) for any errors when clicking “Authenticate.”

Also, make sure your Google Cloud Console has the exact same redirect URI as SuiteCRM expects (usually something like /oauth/callback).

The redirect URI on my suitecrm is

/entryPoint=setExternalOAuthToken

is it right that this is not editable? i also have this on my Authorized redirect URIs over on google cloud console.

I tried opening the dev tools while hitting authenticate but it didn’t show anything

How do I set that up over on suitecrm?

@kth90
Thanks for the update!

Yes, you’re right — /index.php?entryPoint=setExternalOAuthToken is the correct redirect URI for SuiteCRM’s OAuth setup, and no, it’s not something you can edit from the UI.

Here are a few things to double-check:
in Google Cloud Console:
Make sure you’ve added the full redirect URI like this (with your actual domain):
https://yourdomain.com/index.php?entryPoint=setExternalOAuthToken
On your SuiteCRM setup:

• Confirm that the site_url in your config.php file matches your actual domain, including https://
• If you’re using any .htaccess rules or URL rewrites, make sure they’re not blocking or redirecting /index.php
• Try disabling any popup blockers or browser extensions — they sometimes block OAuth popups without warning

Also, just to be safe — check that your SuiteCRM instance is publicly accessible (no firewall or IP restrictions), since the popup needs to reach that redirect endpoint to work.
One more thing: try opening the full redirect URL directly in your browser — does it load anything or just stay blank? That might give us another clue.

Hi,

Thank you for helping me. I updated my site_url and reloaded what needs to be reloaded, also no rules blocking on .htaccess and firewall. I also disabled my popup blocker and extensions, also tried it on a different browser and on incognito as well.

When I opened the redirect url index.php?entryPoint=setExternalOAuthToken this gave me a “Can’t reach page”, I have also added another authorized uri on our google cloud and it was the index.php?entryPoint=oauth2callback for this it just opened our suitecrm overview page.

We can also access this publicly but still blank

@kth90
If you’re getting a “Can’t reach page” when going to index.php?entryPoint=setExternalOAuthToken, it likely means SuiteCRM isn’t recognizing that entry point.

Here’s what you can try next:

1. Check if the handler file exists: Go to your SuiteCRM folder and make sure this file is there:
   include/entryPoint_registry/ExternalOAuthToken.php
   If it’s missing, SuiteCRM won’t know how to process that URL.
2. Run a Quick Repair and Rebuild:
   From the admin panel, go to Admin → Repair → Quick Repair and Rebuild — this helps SuiteCRM register all necessary routes and entry points.
3. Double-check the redirect URI in Google Cloud Console:
   It should match your full domain exactly like this:
   https://yourdomain.com/index.php?entryPoint=setExternalOAuthToken

Ohh the handler file doesn’t exist when I searched for it on the root folder.

Also I noticed that after changing the site_url in my config.php the Redirect URI changed from the default “http://suite-crm…” to our domain so I updated it on google cloud console as well and when I check it directly now –
https://yourdomain.com/index.php?entryPoint=setExternalOAuthToken

it says

"The specified OAuth2 providers is not supported or not properly configured"

I checked my Gmail OAuth provider again and on the field for Client ID im just noticing now that I also had pasted the word “Client ID ” together lol omg, I updated it now but now when I check the link directly again it now says “Invalid state”

@kth90
No worries

The “Invalid state” error usually means the OAuth flow was broken, likely due to session issues.

Just try this :

• Try the full flow from the UI (don’t open the redirect link directly).
• Make sure cookies/sessions are allowed (avoid incognito for now).
• Double-check that site_url in config.php matches the domain in Google Console exactly (with https://).

It’s still blank what is wrong with this

Also, what do you mean on this? Do you mean the redirect url or just our domain? If its just our domain I’ve confirmed that this matches.

@kth90

By site_url, I meant the value in config.php — it should match the authorized domain in Google Console exactly (with https://, no trailing slash).

Also, ensure the redirect URL in your code matches the one set in Google Console OAuth settings exactly.

If it’s still blank, check the browser console for any errors.
kindly check this and let me know .

Hello,

I’ve confirmed that everything matches, ours is just http so I made sure the domains match.

Here’s what I see on the browser console

@kth90
Thanks for sharing the console log.

• It looks like there’s a JavaScript module version mismatch and missing reference to ExternalOAuthConnection.
• I’d suggest checking if that module is correctly installed and registered in your SuiteCRM instance.
• Also, ensure that all JS files are properly compiled (maybe try a fresh build if you’ve made changes), and there are no HTTP/HTTPS conflicts.

hey @Urvi just want to be clear, so the Oauth does (or is supposed to) work with
Gmail/Gsuite?

Thank you for helping me troubleshoot this but I have opted in using the app password instead, when I get another chance, I’ll reinstall this again on a development server and try again but so far for now doing it via app password has worked.

Quick question tho, I was able to authenticate and send test emails and even compose and send an email from the Email module but I don’t see my emails being loaded when I click on “View Email”, how long does it usually load? or could it still be synching?

Hey! @pstevens
Yes, just to clarify — the OAuth setup does support Gmail/Gsuite accounts, provided everything is configured correctly (client ID, redirect URI, scopes, etc.).