Google Single Sign-on
Select Manage SSO from workspace options
Select Google, Google login will be disabled by default
Enable Google. You can see Redirect URL generated
Go to Google cloud console and create a project.
- Go to the Google cloud console credentials page, and create an OAuth client ID
- You'll be asked to select user type in consent screen. To allow only users within your workspace, select 'Internal', otherwise, select 'External'.
- You'll be led to an app registration page where you can set OAuth scopes. Select 'Add or remove scopes' and add the scopes userinfo.email and userinfo.profile as shown in the image. This will allow ToolJet to store the email and name of the user who is signing in
- Set the domain on which ToolJet is hosted as an authorized domain
Set the Redirect URL generated at manage SSO Google page under Authorised redirect URIs
Lastly, set the client id in google manage SSO page. This value will be available from your Google cloud console credentials page
The Google sign-in button will now be available in your ToolJet login screen, if you are not enabled Multi-Workspace.
Multi-Workspace
If you have enabled Multi-Workspace you can configure Google SSO as mentioned above, for setting default SSO for the instance use environment variable.
| variable | description |
|---|---|
| SSO_GOOGLE_OAUTH2_CLIENT_ID | Google OAuth client id |
Redirect URL should be <host>/sso/google