Google Single Sign-on

• Go to the Workspace Settings (⚙️) from the left sidebar in the ToolJet dashboard

  

• Select SSO from sidebar and then select Google. Google login will be disabled by default,

  

• Enable Google. You can see Redirect URL generated

  

• Go to Google cloud console and create a project.

  

• Go to the Google cloud console credentials page, and create an OAuth client ID

  

• You'll be asked to select user type in consent screen. To allow only users within your workspace, select 'Internal', otherwise, select 'External'.

  

• You'll be led to an app registration page where you can set OAuth scopes. Select 'Add or remove scopes' and add the scopes userinfo.email and userinfo.profile as shown in the image. This will allow ToolJet to store the email and name of the user who is signing in

  

• Set the domain on which ToolJet is hosted as an authorized domain

  

• Set the Redirect URL generated at manage SSO Google page under Authorised redirect URIs

  

Lastly, set the client id in google manage SSO page. This value will be available from your Google cloud console credentials page

The Google sign-in button will now be available in your ToolJet login screen, if you are not enabled Multi-Workspace.

Multi-Workspace

If you have enabled Multi-Workspace you can configure Google SSO as mentioned above, for setting default SSO for the instance use environment variable.

variable	description
SSO_GOOGLE_OAUTH2_CLIENT_ID	Google OAuth client id

Redirect URL should be <host>/sso/google