24

I want to share some dynamic content on google+. For this I checked it https://developers.google.com/+/web/share/interactive#rendering_the_button_with_javascript

<head>
<script type="text/javascript">
  (function() {
   var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true;
   po.src = 'https://apis.google.com/js/client:plusone.js';
   var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s);
 })();
</script>
</head>
<body>
<button
  class="g-interactivepost"
  data-contenturl="http://www.pubandbar-network.co.uk/" 
  data-clientid="102180630313.apps.googleusercontent.com"
  data-cookiepolicy="single_host_origin">  Share 
</button>
</body>

But when executing I am getting this error

Error: origin_mismatch
Request Details

    scope=https://www.googleapis.com/auth/plus.login
    response_type=code token id_token gsession
    access_type=online
    redirect_uri=postmessage
    cookie_policy=single_host_origin
    proxy=oauth2relay554026710
    origin=http://www.pubandbar-network.co.uk
    state=1995523240|0.4607792083184853
    display=page
    client_id=102180630313.apps.googleusercontent.com
    authuser=0

Please suggest how to fix this

tshepang
  • 10,772
  • 21
  • 84
  • 127
user2439124
  • 291
  • 1
  • 2
  • 13

16 Answers16

46

Origin mismatch is normally caused by the Javascript origins not being set correctly in the API project console. You need to make sure that the Javascript origins match the domain from which your requests are coming and to which you are returning the user after sign in.

More details can be found in the developer documentation in the "Create a client ID and client secret" section.

Note: A common mistake here is to add javascript origins for http:// but not https:// (or vice versa). If you want to allow users to access your site from both then you need to list both in the javascript console.

Note (Thanks Bethel Goka): You must include the port number of your server in the javascript origins if a port number appears in the url when users access your site.

Lee
  • 3,962
  • 19
  • 17
  • 2
    the google document is not updated so far, when i removed www from original URL,then only it worked, http ://example.com , "Registered apps" is still not there where as the other options can be found in "Credentials" – SML Mar 14 '14 at 10:07
  • As an extra point we had this problem without realising that it treats "http://localhost" and "https://localhost" differently, so adding localhost SSL tripped us up. – M1ke Apr 27 '16 at 13:02
  • In my case, I have `*.domain.com/*`, which is the placeholder example they give. It works fine in both test environments (subdomains), but not in production (uses `app` subdomain). I have no idea why. – Captain Hypertext Jan 22 '18 at 17:22
8

It worked for me by removing "www." from google console. I simply used http://example.com and it worked ...

user3981671
  • 81
  • 1
  • 1
5

For VS users:
Open Properties of your project and get Project URL:

enter image description here
This is your Javascript Origins

Change also the Redirect URIs. It should be your origins + "/oauth2callback"
For me:

enter image description here

Yuliia Ashomok
  • 7,177
  • 1
  • 53
  • 59
4

(The error has the answer for you)

need to set javascript origin in google console api As

origin=**http://www.pubandbar-network.co.uk**

scope=https://www.googleapis.com/auth/plus.login
response_type=code token id_token gsession
access_type=online
redirect_uri=postmessage
cookie_policy=single_host_origin
proxy=oauth2relay554026710
*origin=http://www.pubandbar-network.co.uk*
state=1995523240|0.4607792083184853
display=page
client_id=102180630313.apps.googleusercontent.com
authuser=0
Yene Mulatu
  • 2,128
  • 1
  • 14
  • 12
3

My default javascript origins is https://www , my website does not support https:// , I included http://www. http:// https://www. and https:// , it works.

user3315198
  • 41
  • 5
2

If your client id, client secret, and your javascript origins url is correct you might want to check whether the port you're using is exactly the same with the url you put in for javascript origins. I mistyped mine by one digit: e, g localhost:888 instead of localhost:8888 and got that error because my javascript origins was localhost:8888 not 888

Bethel Goka
  • 526
  • 4
  • 5
2

Just a little addition to Lee's answer: listing both the www.whatever.ext and whatever.ext forms of your URL in JavaScript origins may get rid of the error. That's what did the trick for my app.

nydame
  • 174
  • 2
  • 6
  • Thank you so much. I spent an hour this morning trying to get this to work. I tried both www.example.com and example.com separately. I wonder why combining them makes it work. – katzkode Jul 27 '14 at 03:07
2

I did a stupid thing which took a few minutes to resolve, so I thought I would post a warning in case somebody else falls in this trap.

In the console, when origins are displayed, 'Redirect URIs' come above 'Javascript origins'. When you open the edit pane, it's the other way around, so if you are not paying attention, you could paste your origins in the Redirect URIs field and ....

kpg
  • 6,672
  • 6
  • 31
  • 58
2

1: Open the Credentials page for your project.

2:Double-click on your OAuth 2.0 Web client in the client ID list.

3: Make sure that in the web client ID form, change the Authorized JavaScript origins field to http://localhost:8080 when you are running the server locally. When running remotely add the corresponding appspot server url.

Vikas
  • 3,935
  • 1
  • 30
  • 37
2

The most common oversight resulting in this error is forgetting to add both HTTP and HTTPS origins on the consent settings in the App Credentials dashboard.

To fix, go to https://console.cloud.google.com/apis/credentials?project=YOUR-APP-ID

Select the OAuth 2.0 client IDs if you had already created one.If not, you will have to create a new client ID for your origin.

Under Authorised JavaScript origins, add both https and http origins for you app if had not added both.

Jasper Kinoti
  • 463
  • 3
  • 9
1

Log out from all google services from your browser.

vijay
  • 41
  • 1
  • This actually worked for me. i was logged on to google already on Chrome. So I tried on FF and it worked perfectly. – Tirtha Nov 13 '15 at 05:54
1

I same had the problem for google + api sign in.I was getting Error:origin_mismatch and same details were there as they are in the question .. my javascript credentials had http://localhost:4567 but when I run the python file it opened the link as 0.0.0.0:4567 thats basically a localhost but when i changed the url in browser to http://localhost:4567 now the error was removed .. and my application was able to get the OAuth box .. and all went fine!!! this thing removed my error... Please let me know whether I was correct because I just started learning how to use apis

Suraj Palwe
  • 1,942
  • 2
  • 21
  • 41
0

Please check the origin url set in google console for you WEB application/Android

and check the http or https because your site does not work on https (in general site).

Warlord
  • 2,754
  • 14
  • 21
user3359503
  • 31
  • 1
  • 6
0

You must read the developer guide here

https://developers.google.com/analytics/devguides/reporting/embed/v1/devguide

Good luck !

Ali Raza
  • 169
  • 13
0

I had this error trying to use the "Google Play Games Services Management Demo" and it was because of missing "www" in the URL

Alberto Méndez
  • 935
  • 11
  • 27
0

I fixed it by change JavaScript origins and redirect URIs in google console from http://0.0.0.0:4567 to http://localhost:4567, remember adding /oauth2callback after redirect URIs and change url on browser to http://localhost:4567

Phong Vy
  • 229
  • 4
  • 17