Integrating Google Drive into WordPress sounds simple until you need each user to access only their own files. In this case, the goal was to allow individual users to connect their personal Google Drive accounts, upload or embed files, and collaborate without exposing other users’ data.
Here’s how we approached and solved this complex Google Drive integration in WordPress.
Issue Background
A WordPress site required:
- Users to connect their own Google Drive accounts
- Access limited strictly to their own files
- Ability to embed or link Google Drive documents (e.g., PDFs) into posts/pages
- No shared or global Drive access between users
At first glance, this seems like a standard plugin setup, but most Google Drive plugins are designed to:
- Use a single shared Google account
- Expose files globally across users
- Lack proper user-level isolation
This made the requirement significantly more advanced than a typical plugin install.
Diagnosis
Evaluating available plugins
We explored several plugin options, including:
- Google Drive Embedder
- Google Apps Login
These plugins allowed authentication via Google accounts and basic browsing and embedding of files. However, testing revealed a critical limitation. Some plugins expose the same Google Drive files to all users, even when logged in separately. This made them unsuitable for a secure, multi-user environment.
Identifying the correct approach
To meet the requirement of true per-user isolation, the solution needed OAuth-based authentication per user, individual Google account connections, and no shared storage or cross-user visibility. This required Google Cloud Console configuration.
Google Cloud application requirements
To properly authenticate users individually, we needed to create a custom Google Cloud project, configure OAuth credentials, enable the Google Drive API, and handle app verification and permissions.
During testing, we encountered unverified app warnings, access issues due to missing permissions, and delays caused by incorrect Google Cloud setup.
Resolution Steps
Step 1: Select a compatible plugin stack
- Google Drive Embedder for file browsing and embedding
- Google Apps Login for user authentication
Step 2: Configure Google Cloud Console
- Create a Google Cloud project
- Enable the Google Drive API
- Configure OAuth consent screen
- Generate Client ID and Secret
- Set correct redirect URIs
Using the site owner’s Google account ensures proper ownership and avoids long-term access issues.
Step 3: Resolve authentication warnings
- Configure app branding and permissions
- Update developer details in Google Cloud
- Ensure proper domain association
Step 4: Validate user-level access
- Each user logs in with their own Google account
- Only their files are visible
- Shared files appear only if shared via Google permissions
- No cross-user data exposure
Step 5: Test embedding functionality
- Browse Google Drive inside WordPress
- Embed files into posts or pages
- Add downloadable or preview links
Step 6: Deploy to production
- Push changes live after testing
- Finalize OAuth configuration
- Confirm functionality across users
Final Outcome
- Secure user-specific Google Drive access
- Full separation between user files
- Seamless embedding into WordPress
- Stable OAuth-based authentication
Key Takeaways
- Most Google Drive plugins are not built for multi-user isolation
- OAuth and Google Cloud setup are required for secure implementations
- Expect complexity around permissions and verification
If you need help integrating Google Drive with WordPress or configuring secure user-based access, our team can help.
Contact Freshy for expert WordPress support.
