OAuth 2 MUST utilize https.

Published 12 Jan, 2023

Reading time: 1 Mins

To avoid this error during the development you need to update the environment variable with insecure transport

If you’re trying to implement Login with Google for the server side then chances are you encounter this problem. This is precaution warning from the Google Client API because you’re trying to implement the secure login system without the HTTPS which is not a best practice. To avoid this you just need to tell the Google Client that it’s okay to access on HTTP.

Google uses OAuthLib an open source library that implements OAuth2 which checks the environment variable when doing the OAuth dance. You just need to add OAUTHLIB_INSECURE_TRANSPORT to the env and it will bypass the error and works just normally.

import os

If you’re using python-dotenv or django-environ you just need to update the .env file


Read More