I am trying to implement Google OpenID following the directions at https://docs.directus.io/self-hosted/sso.html#openid.

The Login with Google button shows up for the admin panel. However, I keep running into the following error after selecting the Google Account to use for authentication:
{"errors":[{"message":"Invalid user credentials.","extensions":{"code":"INVALID_CREDENTIALS"}}]}

Can someone throw some light on it?

I vaguely remember having a helluva time gettting the google auth to work correctly. The recent update 9.19.2 actually messed up the refresh token making using oauth a hassle. Here is my .env section that deals with google. if it is helpful, just replace all the xxxxx with your own credentials.

Auth Providers

A comma-separated list of auth providers []

#AUTH_PROVIDERS=""
AUTH_PROVIDERS="google"
AUTH_DISABLE_DEFAULT="true"
AUTH_GOOGLE_DRIVER="openid"
AUTH_GOOGLE_CLIENT_ID="xxxxx.apps.googleusercontent.com"
AUTH_GOOGLE_CLIENT_SECRET="xxx-xxx-xxxxxxxxxxxxxxxxxxxxx"
AUTH_GOOGLE_ISSUER_URL="https://accounts.google.com"
AUTH_GOOGLE_IDENTIFIER_KEY="email"
AUTH_GOOGLE_ICON="google"
AUTH_GOOGLE_ALLOW_PUBLIC_REGISTRATION="false"

This allows users to be automatically created on logins. Use "false" if you want to create users manually

AUTH_GOOGLE_DEFAULT_ROLE_ID="xxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

Replace this with the Directus Role ID you would want for new users. If this is not properly configured, new users will not have access to Directus

Remember add PUBLIC_URL! https://docs.directus.io/self-hosted/config-options.html#general