Configuring Google Single Sign On

Please download PDF for comprehensive instructions

NOTE: While setting up this configuration, it will be best to have two browser tabs open – one with Welkin Admin and one with Google Cloud.

  1. Sign up for Google cloud (or use existing account). If you have your company domain – use Admin account for that. https://console.cloud.google.com/.
    1. Click ‘Agree and continue’
  2. Go to Welkin Admin and create a user with a google account email address (or use already created one).
  3. Turn on Single Sign on for that user from the user profile settings.
  4. In Admin, go to security settings and turn on Single Sign-on (Status = Active), select Google for Provider type.
  5. Go to Google Cloud -> Select a project -> New project.
  6. Fill the project name. Leave the Location = “No Organization” -> Click ‘Create’.
  7. Wait until the project is created and сlick ‘Select Project’ in the notification.
  8. Navigate to API and services -> Credentials.
  9. Click on ‘Configure consent screen’.
  10. Select User Type ‘External’ or ‘Internal’ if you want to make it available only to users within your organization. Click ‘Create’.
  11. Fill your App name and User support email (use current Google email address or another one if needed).
  12. Scroll down to Authorized domains -> Click ‘Add Domain’.
  13. Go to Welkin Admin -> Security settings -> Click on Instruction and Copy ‘Authorized Domain’ (Click copy button).
  14. Go back to Google Cloud Platform -> Paste copied domain.
  15. Fill developer contact information (person responsible at your organization).
    1. Click on ‘Save and continue’.
  16. Scopes tab -> Nothing to fill -> Click ‘Save and continue’.
  17. Test users -> Click on ‘Add users’ -> Add user which was created in Welkin (or add it here and then create it in Welkin).
    1. Click ‘Add’ then click ‘Save and continue’.
  18. Summary screen opened -> click ‘Back to dashboard’.
  19. Go to Credentials -> Create credentials.
  20. Select OAuth client ID.
  21. Select ‘Web application’. Input any name, Click ‘Add URI’.
  22. Go to Welkin Admin -> Security Settings -> Instructions -> Copy ‘Authorized JavaScript origin’ (click copy button).
  23. Go back to Google Cloud Platform -> Paste the copied ‘Authorized JavaScript origin’.
  24. Go to Welkin Admin -> Security Setting -> Instructions -> Copy ‘Authorized redirect URI’.
    1. NOTE:  You will need to change the link from smal2 to oauth2 (see screenshot below).
  25. Go back to Google Cloud Platform -> Paste copied ‘Authorized redirect URI’ (with change fromsmal2 to oauth2). Click ‘Create’.
  26. Copy Your Client ID and Your Client Secret from Google Cloud and add to Welkin SSO Settings.
    1. Click on ‘Save’ button to save changes in Welkin SSO settings.
  27. Try to Log into Welkin with Google -> Click ‘Log in With Google’.
  28. Select account -> Login is successful!

More Questions?
If you have any questions, please email the Customer Success Management team at CSM@welkinhealth.com or contact your Implementation/CSM directly.