Skip to content

Troubleshooting Login and Permissions


  • User not able to login using Google OAuth.

    If all users are unable to sign in using Google OAuth, check the 'Google OAuth Login Not Working' item below. If the problem only exists for one or some users though, check the following:
  • Check the user group the user is in is set to enabled.
  • Check the users email address is verified by in Google Mail / Admin.
  • Check the email address used as the username exactly matches the primary email address registered in the users Google Suite/Mail account.
  • Check the user set to use your Google OAuth Authentication Service in the EndPoint Monitor web console.
  • Check the users browser is not blocking cookies being set by account.google.com.
  • Check there is no add blocker or privacy extensions installed on the users browser that might be preventing access to the required Google sites.

    If you have information logs enabled, the specific reason for the rejected login should be logged, and usually can be searched for using the users email address / login id.



  • Google OAuth login not working.

    If all users are unable to sign in using Google OAuth the follow the below steps. If only a subset of users have an issue logging in this way follow the steps above under 'User not able to login using Google OAuth'.
  • Check in the EndPoint Monitor web console user Login & Users > Authentication that there is an entry listed with the type of GOOGLE_OAUTH and that is set to enabled.
  • Check the 'Client ID' value in this Authentication Service is set exactly the same as shown in the Google Could Dashboard under Credentials and the appropriate OAuth 2.0 Client, ensuring no accidental whitespace introduced.
  • Within the Google Oauth 2.0 Client configuration in the Google Cloud Dashboard, check that the domain being used to access EndPoint Monitor is listed within the 'Authorized JavaScript origins'.
  • If self-hosting, ensure that where ever the EndPoint Monitor controller is running can reach out to GCP IP addresses on TCP port 443, or if the Authentication Service is set to use a Proxy, that the proxy itself can, and that the EndPoint Monitor controller can reach the proxy given.
  • If using multiple controllers, restarting them may help in case any changes in Google OAuth configuration didn't successfully propagate across all instances.
  • Check the EndPoint Monitor logs, as these will likely indicate the cause for any problem. Additionally, inspecting the console logs on a browser trying to log in will indicate if it's an issue with the front-end Google Login.



  • No Google login button showing.

    This is generally caused by one of two issues.
  • There is no Authentication Service set up and enabled within the EndPoint Monitor controller that uses Google OAuth. This login method is not automatically enabled and requires configuring, see ./authentication.md#Adding Authentication Service for details.
  • Something is preventing the Google client library from loading on the EndPoint Monitor login page. If using self-hosting and using a reverse proxy for access, then check any additional security heads that you may be setting aren't preventing requests to Google working and that if using a proxy or add blockers that these are not preventing access too.