1. Go to the Google Cloud Console and create or use an existing project. Then go to APIs and service and click "+ CREATE CREDENTIALS" and select "OAuth client ID"

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/b61260aa-f9ae-43d7-aacf-b802cf5e539b/Untitled.png

  1. Choose "Web application" for the client type

  2. For the Authorised Javascript origins put [<https://secoda.company.com>](<https://secoda.company.com>) and http://secoda.company.com

  3. For the Authorised redirect URIs put https://secoda.company.com/auth/realms/secoda/broker/google/endpoint and

http://secoda.company.com/auth/realms/secoda/broker/google/endpoint

  1. Click Save

  2. Save the client id and secret that are generated

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/4c5158b0-e3eb-4082-8397-edc9de9c208a/Untitled.png

  1. Go to [<https://secoda.your-company.com/auth>](<https://secoda.your-company.com/auth>) and click on Identity Providers in the left hand navigation menu of Keycloak

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/9bc220e0-9bdf-496f-9aa9-c279d394518b/Untitled.png

  1. Click "Add provider..." and select Google

  2. Add your client ID and secret to the input boxes and click Save

  3. Enjoy using Google SSO