Configuring Google Workspace SSO with Auth0

Requirements

  • A user with an Admin role in Google Developers Portal. If you do not have this role, please reach out to an Google Developers Portal Admin within your organization to configure the integration
  • Ensure that you’ve set up the OAuth consent screen as detailed in the Google documentation, with Auth0.com listed as an authorized domain

Installation

  1. Go to the API Console

  2. Select the project you wish to use or create a new one for this integration

  3. From the left sidebar, select APIs & Services and click Credentials

  4. Click Create Credentials, then select OAuth client ID

    Google Console menu

  5. Select Web Application as Application type and enter the general information for the integration

  6. Add the following values:

    • Authorized JavaScript origins

      https://buoyant.us.auth0.com
      https://accounts.buoyant.io
      
    • Authorized redirect URIs

      https://buoyant.us.auth0.com/login/callback
      https://accounts.buoyant.io/login/callback
      
  7. Click Create

  8. Click Create to generate the credentials. You’ll see values for the Client ID and Client Secret

    Client ID and Secret

  9. Provide these values and your Google Workspace Domain to the Buoyant Team to finalize the configuration on the Portal

  10. Once the integration is confirmed, you’ll receive a login URL to test and add to your Google Workspace workflow

Uninstall

To uninstall the Google Workspace SSO integration, follow these steps:

  1. Go to the API Console
  2. Select your project, go to Credentials, and delete the OAuth Client ID associated with the Auth0 integration
  3. In the OAuth Consent Screen settings, remove Auth0.com from the authorized domains list if it is no longer needed
  4. Verify that the SSO integration is fully disabled by testing access and ensuring users can no longer log in via Google Workspace credentials