Single Sign On with Google
There are several step to set up Google Single Sign On:
- Get Credentials from Google
- Add Credentials into the app
- Add the SSO mechanism into the login component
- Add the SSO into the Signup Component
To get the Client ID and Client Secret from Google, start by going to the API Credentials Portal in the Google Console: https://console.developers.google.com/apis/credentials
Create OAuth Consent Screen
Create a new OAuth consent screen in your Google Console. This will be where you enter your details about your app, the app logo, and other relevant details. If this will be used only within your organization, select Internal, otherwise External.
If you select External, the instructions below are incredibly important
External App Types
1. You must add test users in the OAuth consent screen configuration. Only the email addresses added as test users will be able to signup for your Tadabase application using Google SSO.
2. After testing to confirm your integration is working, you must update the Publishing status to "Published".
Generate Credentials
After creating the OAuth consent screen, head over to the Credentials menu, click + CREATE CREDENTIALS, and choose OAUTH client ID.
On the next screen, choose:
- Application Type = Web application
- Name = a name of your choice
- Authorize redirect URI's = Get this value from Tadabase (see below)
To get the Callback URL, also knows as Authorized Redirect URLs, get this value from within your app settings for the specific provider you are enabling this for.
Save Credentials to App
Google will then provide you with the Client ID and Client Secret which must be pasted into the SSO settings inside of Tadabase.
Adding SSO to the Signup Component
In order for your users to login to your app using SSO, they must sign up using the login component.
If you have Email signups and logins enabled you can add the Single Sign on methods directly into the Signup form.
When email signups are disabled in the User Settings, and an SSO method is enabled as can be seen in the image below, you must add the SSO links in the Single Sign On (SSO) screen instead:
The default signup for will be replaced with the Single Sign On (SSO) form which will appear during this circumstance. You can add your SSO buttons into the Single Sign On (SSO) form instead
Adding SSO to the Login Component
To add the SSO provider as an option in the login form, open the login form and hover over the column you wish to add it into. Click the + icon and choose Login With Google.
This will add the Login With Google option inside your login component.
SSO on Copied Apps
If a copy of an app with SSO set up has been created and the users of the copied app must be able to use their Google account to log in, you may enable this by adding the callback URL of the copied app to the Authorized URIs of the existing OAuth Client ID for the original app.
We'd love to hear your feedback.