Skip to main content
April 24, 2023
Question

Latest Chrome Extension breaks Google Sign-In on our website?

  • April 24, 2023
  • 28 replies
  • 5034 views

Hello,

We run a website that uses https://developers.google.com/identity/gsi/web/guides/overview, and recently started noticing problems logging into our own website via Google (and then of course are very concerned that our customers have the same problem!)

For those that experience the problem in Chrome, it happens every time. We finally realized that disabling the "1Password - Password Manager" chrome extension immediately fixes the problem.

When the problem occurs, this is found in the browser's console errors:

[GSI_LOGGER]: Check credential status returns invalid response.
GET https://accounts.google.com/gsi/status?client_id=***********&as=**************** net::ERR_BLOCKED_BY_CLIENT

Could this be related to the "Sign in with..." feature? Is there anything we can add to our page to hint to the extension not to use that feature if doing so would fix our Google Login?

Thanks! Please let me know what other information I can provide to resolve this issue.

  • Brady

1Password Version: 1Password for Mac 8.10.4 (81004032)
Extension Version: 2.10.0
OS Version: macOS 13.2.1 (22D68)
Browser:_ Chrome

28 replies

April 26, 2023

Hi @steph_giles, can confirm that the workaround resolves the issue and have forwarded the link to our internal app - support ID number is 131769.

April 26, 2023

Thanks for the workaround, @steph_giles . I can also confirm it resolves the issue.

steph_giles
1Password Employee
April 27, 2023

@cvanes, @nicedawg

Thank you! I'm sorry for any inconvenience caused.

April 28, 2023

Same issue here, it's blocking the Google one tap to be shown.
Console error message:
[GSI_LOGGER]: Check credential status returns invalid response.
GET https://accounts.google.com/gsi/status?client_id=***********&as=**************** net::ERR_BLOCKED_BY_CLIENT

https://developers.google.com/identity/gsi/web/guides/display-google-one-tap

April 30, 2023

@nicedawg 🙌 Thank you so much for reporting this. This thread ended several hours of my debugging why a program I'm writing using the API was having its requests blocked. Moment I turned off 1pass my feature worked.

May 1, 2023

Same problem here. I confirm @steph.giles workaround works for me. Thanks for reporting the issue @nicedawg, I'm curious how were you able to debug it and find the relation with 1Password, as I also spent a lot of time trying to find the cause.

May 1, 2023

Glad it helped explain your problem, @mcanaleta!

The fact that the console was showing that the request was "blocked by client" helped point me in the right direction; often that's an indication of an adblocker, which is what I first suspected, but didn't seem to be the case. But it indicated that something in the browser was blocking it.

Realizing it could be some other Chrome extension, I started to disable a bunch of extensions at the same time, but when I saw 1Password first in my list, I thought about the recent changes that detect/assist with 3rd party logins so tried disabling only that extension - and the problem went away! (If 1Password had decided to name their fantastic product ZPassword it would've taken me much longer to reach the same conclusion. :-) )

@steph_giles : Can you confirm if this is a bug that is being actively worked on? Or is there something we can do on our website to prevent our users from having this same problem logging in? (We can't change their 1Password settings for them.)

May 2, 2023

It makes sense @nicedawg, good reasoning!

Workaround for for developers of web apps affected by this bug: the bug affects the "OneTap" method, but not the "Sign in with Google" button, so a workaround is to just add the <div class="g_id_signin" .../> tag that basically displays a button that opens the typical google login popup (https://developers.google.com/identity/gsi/web/reference/html-reference#element_with_class_g_id_signin). Callbacks or redirects defined in g_id_onload will still work the same way, so no code needs to be changed. It has more friction than the OneTap button of course, and browsers can block the popup, but at least your users will have an opportunity to login.

@steph_giles please keep us up to date, thanks!

steph_giles
1Password Employee
May 5, 2023

Hey all,

Just a little more information on this one.

To prevent confusion with our 'Sign in with' feature and to help user's know which provider they use to sign in on a site, the latest version of 1Password in the browser includes a feature which prevents Google's One Tap UI from appearing. The One Tap UI is intended as an addition to the traditional "Sign in with Google" button.

On testing some sites where we are seeing the problem described above it appears that the "Sign in with Google" button is a custom button that is intended to present the One Tap UI.

Google shares this on their page:

Warning: The One Tap UI should be displayed automatically on page load or other window events, instead of being triggered by a user gesture. Otherwise, you may get a broken UX. Users may not see any UI after a user gesture, due to globally opt-out, cool-down, or no Google session, etc.

If a user isn’t signed into a Google account in their browser, or if they have turned off “Google Account sign-in prompts” in their account settings, the button will not work.

We recommend using Google's Sign in With button which follows Google's guidelines, creates a better user experience, and is not affected by our new feature and the troubles you have described.

I hope this helps!

Edit: typo

May 10, 2023

So your solution to stop 1Password overlapping the Google sign in dialog ... was to block the network request?!