How to Restrict Ueberauth Google Strategy to Particular GSuite Domain?

I’m trying to use Google Sign-In with a particular Gsuite domain only.



Looks like they give you the "hd" in the params … which seems to be the domain of the Gsuite login in question.

Also note they give you a bunch of other stuff in the assigns which could be useful. I’ve pulled out that variable here too.

def callback(
        %{assigns: %{ueberauth_auth: auth}} = conn,
        %{"provider" => "google", "hd" => ""} = params
      ), do: sign_in_stuff(conn, params)

def callback(
        %{assigns: %{ueberauth_auth: auth}} = conn,
        %{"provider" => "google", "hd" => _everyone_else} = params
      ), do: reject_sign_in(conn, params)

Thank you. This looks like exactly what I was looking for. Will test soon.