diff --git a/internal/config.go b/internal/config.go
index 02c11c2..7106c16 100644
--- a/internal/config.go
+++ b/internal/config.go
@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"net/url"
 	"os"
 	"regexp"
 	"strconv"
@@ -66,6 +67,26 @@ func NewGlobalConfig() Config {
 func NewConfig(args []string) (Config, error) {
 	c := Config{
 		Rules: map[string]*Rule{},
+		Providers: provider.Providers{
+			Google: provider.Google{
+				Scope: "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email",
+				LoginURL: &url.URL{
+					Scheme: "https",
+					Host:   "accounts.google.com",
+					Path:   "/o/oauth2/auth",
+				},
+				TokenURL: &url.URL{
+					Scheme: "https",
+					Host:   "www.googleapis.com",
+					Path:   "/oauth2/v3/token",
+				},
+				UserURL: &url.URL{
+					Scheme: "https",
+					Host:   "www.googleapis.com",
+					Path:   "/oauth2/v2/userinfo",
+				},
+			},
+		},
 	}
 
 	err := c.parseFlags(args)
@@ -100,9 +121,6 @@ func NewConfig(args []string) (Config, error) {
 		c.Domains = append(c.Domains, c.DomainsLegacy...)
 	}
 
-	// Provider defaults
-	c.Providers.Google.Build()
-
 	// Transformations
 	if len(c.Path) > 0 && c.Path[0] != '/' {
 		c.Path = "/" + c.Path
diff --git a/internal/config_test.go b/internal/config_test.go
index 7bd011a..e8d057a 100644
--- a/internal/config_test.go
+++ b/internal/config_test.go
@@ -1,6 +1,7 @@
 package tfa
 
 import (
+	"net/url"
 	"os"
 	"testing"
 	"time"
@@ -32,7 +33,29 @@ func TestConfigDefaults(t *testing.T) {
 	assert.Equal("/_oauth", c.Path)
 	assert.Len(c.Whitelist, 0)
 
+	assert.Equal("https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email", c.Providers.Google.Scope)
 	assert.Equal("", c.Providers.Google.Prompt)
+
+	loginURL := &url.URL{
+		Scheme: "https",
+		Host:   "accounts.google.com",
+		Path:   "/o/oauth2/auth",
+	}
+	assert.Equal(loginURL, c.Providers.Google.LoginURL)
+
+	tokenURL := &url.URL{
+		Scheme: "https",
+		Host:   "www.googleapis.com",
+		Path:   "/oauth2/v3/token",
+	}
+	assert.Equal(tokenURL, c.Providers.Google.TokenURL)
+
+	userURL := &url.URL{
+		Scheme: "https",
+		Host:   "www.googleapis.com",
+		Path:   "/oauth2/v2/userinfo",
+	}
+	assert.Equal(userURL, c.Providers.Google.UserURL)
 }
 
 func TestConfigParseArgs(t *testing.T) {
diff --git a/internal/provider/google.go b/internal/provider/google.go
index e938ca0..9c6e43d 100644
--- a/internal/provider/google.go
+++ b/internal/provider/google.go
@@ -18,24 +18,6 @@ type Google struct {
 	UserURL  *url.URL
 }
 
-func (g *Google) Build() {
-	g.LoginURL = &url.URL{
-		Scheme: "https",
-		Host:   "accounts.google.com",
-		Path:   "/o/oauth2/auth",
-	}
-	g.TokenURL = &url.URL{
-		Scheme: "https",
-		Host:   "www.googleapis.com",
-		Path:   "/oauth2/v3/token",
-	}
-	g.UserURL = &url.URL{
-		Scheme: "https",
-		Host:   "www.googleapis.com",
-		Path:   "/oauth2/v2/userinfo",
-	}
-}
-
 func (g *Google) GetLoginURL(redirectUri, state string) string {
 	q := url.Values{}
 	q.Set("client_id", g.ClientId)