authentik/website/docs/integrations/sources/google/index.md

2.8 KiB

title
Google

Allows users to authenticate using their Google credentials

Preparation

The following placeholders will be used:

  • authentik.company is the FQDN of the authentik install.

Google

You will need to create a new project, and OAuth credentials in the Google Developer console. The developer console can be overwhelming at first.

  1. Visit https://console.developers.google.com/ to create a new project
  2. Create a New project.

Example Screen

  1. Project Name: Choose a name
  2. Organization: Leave as default if unsure
  3. Location: Leave as default if unsure

Example Screen

  1. Click Create
  2. Choose your project from the drop down at the top
  3. Click the Credentials menu item on the left. It looks like a key.

Example Screen

  1. Click on Configure Consent Screen

Example Screen

  1. User Type: If you do not have a Google Workspace (GSuite) account choose External. If you do have a Google Workspace (Gsuite) account and want to limit access to only users inside of your organization choose Internal

I'm only going to list the mandatory/important fields to complete.

  1. App Name: Choose an Application
  2. User Support Email: Must have a value
  3. Authorized Domains: authentik.company
  4. Developer Contact Info: Must have a value
  5. Click Save and Continue
  6. If you have special scopes configured for google, enter them on this screen. If not click Save and Continue
  7. If you want to create Test Users enter them here, if not click Save and Continue
  8. From the Summary Page click on the *Credentials link on the left. Same link as step 8
  9. Click Create Credentials on the top of the screen
  10. Choose OAuth Client ID

Example Screen

  1. Application Type: Web Application
  2. Name: Choose a name
  3. Authorized redirect URIs: https://authenik.company/source/oauth/callback/google/

Example Screen

  1. Click Create
  2. Copy and store Your Client ID and Your Client Secret for later

authentik

  1. Under Resources -> Sources Click Create Google OAuth Source

  2. Name: Choose a name (For the example I use Google)

  3. Slug: google (If you choose a different slug the URLs will need to be updated to reflect the change)

  4. Consumer Key: Your Client ID from step 25

  5. Consumer Secret: Your Client Secret from step 25

  6. Provider Type: Google

Here is an example of a complete authentik Google OAuth Source

Example Screen

Save, and you now have Google as a source.

:::note For more details on how-to have the new source display on the Login Page see here. :::