mirror of
https://github.com/ToolJet/ToolJet
synced 2026-05-06 06:48:21 +00:00
307c2cd05a
* added pages for directories and updated sidebar * added notion and openapi in sidebar.js
2.3 KiB
2.3 KiB
| id | title |
|---|---|
Google Single Sign-on
- Go to the Google cloud console and create a project.
- Go to the Google cloud console credentials page, and create an OAuth client ID
- You'll be asked to select user type in consent screen. To allow only users within your organization, select 'Internal', otherwise, select 'External'.
- You'll be led to an app registration page where you can set OAuth scopes. Select 'Add or remove scopes' and add the scopes userinfo.email and userinfo.profile as shown in the image. This will allow ToolJet to store the email and name of the user who is signing in
- Set the domain on which ToolJet is hosted as an authorized domain
- Lastly, supply the environment variable
SSO_GOOGLE_OAUTH2_CLIENT_IDto your deployment. This value will be available from your Google cloud console credentials page
:::info
Restrict to your domains
Set the environment variable SSO_RESTRICTED_DOMAIN to ensure that ToolJet verifies the domain of the user who signs in via SSO, on the server side.
If you're setting this environment variable, please make sure that the value does not contain any protocols, subdomains or slashes. It should
simply be yourdomain.com. Add multiple domians separated by coma example : yourdomain.com,yourotherdomain.com
:::
:::info
Restrict signup via SSO
Set the environment variable SSO_DISABLE_SIGNUP to true to ensure that users can only log in and not sign up via SSO. If this variable is set to true, only those users who have already signed up, or the ones that are invited, can access ToolJet via SSO.
:::
The Google sign-in button will now be available in your ToolJet login screen.