Google SSO Setup
NOTE: While setting up this configuration, it will be best to have two browser tabs open – one with Welkin Admin and one with Google Cloud.
- Sign up for Google cloud (or use existing account). If you have your company domain – use Admin account for that. https://console.cloud.google.com/.
- Click ‘Agree and continue’
- Go to Welkin Admin and create a user with a google account email address (or use already created one).
- Turn on Single Sign on for that user from the user profile settings.
- In Admin, go to security settings and turn on Single Sign-on (Status = Active), select Google for Provider type.
- Go to Google Cloud -> Select a project -> New project.
- Fill the project name. Leave the Location = “No Organization” -> Click ‘Create’.
- Wait until the project is created and сlick ‘Select Project’ in the notification.
- Navigate to API and services -> Credentials.
- Click on ‘Configure consent screen’.
- Select User Type ‘External’ or ‘Internal’ if you want to make it available only to users within your organization. Click ‘Create’.
- Fill your App name and User support email (use current Google email address or another one if needed).
- Scroll down to Authorized domains -> Click ‘Add Domain’.
- Go to Welkin Admin -> Security settings -> Click on Instruction and Copy ‘Authorized Domain’ (Click copy button).
- Go back to Google Cloud Platform -> Paste copied domain.
- Fill developer contact information (person responsible at your organization).
- Click on ‘Save and continue’.
- Scopes tab -> Nothing to fill -> Click ‘Save and continue’.
- Test users -> Click on ‘Add users’ -> Add user which was created in Welkin (or add it here and then create it in Welkin).
- Click ‘Add’ then click ‘Save and continue’.
- Summary screen opened -> click ‘Back to dashboard’.
- Go to Credentials -> Create credentials.
- Select OAuth client ID.
- Select ‘Web application’. Input any name, Click ‘Add URI’.
- Go to Welkin Admin -> Security Setting -> Instructions -> Copy ‘Authorized redirect URI’.
- NOTE: You will need to change the link from smal2 to oauth2 (see screenshot below).
- Go back to Google Cloud Platform -> Paste copied ‘Authorized redirect URI’ (with change fromsmal2 to oauth2). Click ‘Create’.
- Copy Your Client ID and Your Client Secret from Google Cloud and add to Welkin SSO Settings.
- Click on ‘Save’ button to save changes in Welkin SSO settings.
- Try to Log into Welkin with Google -> Click ‘Log in With Google’.
- Select account -> Login is successful!