
Limiting OAuth login to a specific email domain


I am using the Google PHP API to authenticate user login. I would like to restrict login access to specific email domains, e.g. only users with email @thedomain.com can log in.

I've tried setting the hd parameter as suggested, with no luck. I also noticed that the returned $client = new Google_Client(); object returns an empty string for ["hd"]=> string(0) ""

Checking the email domain after authentication may be viable, but I feel like there must be a method within the Google API.

Anyone have ideas or suggestions?


Solution

  • Ended up using the hd object, which required instantiating a new $service

    if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
        $client->setAccessToken($_SESSION['access_token']);
        // create service to pull userinfo
        $service = new Google_Service_Oauth2($client);
        $user = $service->userinfo->get();
        // hd (hosted domain) is only set for Google Workspace accounts
        $userHd = $user['hd'];
        if ($userHd === 'thedomain.com') {
            // log the user in
        }
    }
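A stricter server-side form of the check in the answer above, as an added example that is not part of the original post: it evaluates the claims of an already-verified Google ID token and denies when hd is missing or mismatched, when the email is unverified, or when the email's domain differs. The function name is_allowed_domain and the sample claims are constructed for illustration; requiring the email domain to equal the allowed domain is an assumption taken from the question's wording.

```php
<?php
// Added example (not from the original post). $claims is assumed to be the
// payload of an ID token whose signature, audience and expiry were already
// verified, e.g. the array returned by Google_Client::verifyIdToken().

function is_allowed_domain(array $claims, string $allowedDomain): bool
{
    $allowed = strtolower($allowedDomain);

    // hd is absent for consumer accounts such as gmail.com: deny by default.
    $hd = $claims['hd'] ?? '';
    if (!is_string($hd) || strtolower($hd) !== $allowed) {
        return false;
    }

    // Boolean in the ID token; the string form is accepted defensively.
    $verified = $claims['email_verified'] ?? false;
    if ($verified !== true && $verified !== 'true') {
        return false;
    }

    // Compare everything after the LAST '@' exactly. Substring or suffix
    // matching would accept lookalikes such as thedomain.com.example.net.
    $email = $claims['email'] ?? '';
    $at = is_string($email) ? strrpos($email, '@') : false;
    if ($at === false) {
        return false;
    }
    return strtolower(substr($email, $at + 1)) === $allowed;
}

// Constructed sample claims, one per failure mode plus the passing case.
$samples = [
    'workspace user'     => ['hd' => 'thedomain.com', 'email' => 'a@thedomain.com', 'email_verified' => true],
    'consumer, no hd'    => ['email' => 'a@gmail.com', 'email_verified' => true],
    'other workspace'    => ['hd' => 'example.net', 'email' => 'a@example.net', 'email_verified' => true],
    'lookalike domain'   => ['hd' => 'thedomain.com', 'email' => 'a@thedomain.com.example.net', 'email_verified' => true],
    'unverified address' => ['hd' => 'thedomain.com', 'email' => 'a@thedomain.com', 'email_verified' => false],
];

foreach ($samples as $label => $claims) {
    printf("%-20s %s\n", $label, is_allowed_domain($claims, 'thedomain.com') ? 'allow' : 'deny');
}
```

The hd value sent on the authorization request only narrows the account chooser and can be changed by the user, so the decision has to rest on the hd claim returned by Google, as it does here.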