Skip to main content

Google OAuth

This page shows how to configure Appsmith to use Google OAuth 2.0 as an authentication provider. By integrating with Google OAuth 2.0, Appsmith enables end users to sign in to their Appsmith accounts using their Google credentials.

Prerequisites

  1. A self-hosted Appsmith instance. See the installation guides for installing Appsmith.

  2. A Google Workspace account.

  3. Before setting up Google Auth, ensure that you have already configured a custom domain for your instance.

  4. In Appsmith, go to Admin Settings > Authentication and click Enable on Google.

Configure Google API console

  1. Go to the Google API console to get the authorization credentials that identify Appsmith to Google’s OAuth 2.0 server.
Image
  1. Create a new project, and navigate to the OAuth consent screen under APIs & Services. Configure and register your app based on your target users, and click Create.
Image

  1. In the OAuth consent screen, add app information and a contact email, and specify the Authorized domains where Appsmith is hosted. Click Save and Continue.

  2. In the Scopes section, add basic scopes like email, profile and openid, or others based on your requirements. Click Save and Continue.

Image

  1. Add Test users if required, then click Save.

  2. Navigate to the Credentials screen, click Create Credentials, and select OAuth client ID.

Image
  1. Select Web application under Application type. Update the fields as follows:

  • Authorized JavaScript origins: Add the JavaScript origins URL copied from the Google configuration in Appsmith.

  • Authorized redirect URIs: Add the Redirect URL copied from the Google configuration in Appsmith (e.g., https://app.appsmith.com/login/oauth2/code/google).

  1. Click Create. Once the OAuth client is created, copy the Client ID and Client Secret to use in Appsmith’s Google configuration.
Image

Register Google in Appsmith

To complete the Google configuration, you have to register the provider on Appsmith. Go to Admin Settings > Authentication > Google, and follow the steps below:

Image

  1. Add the Client ID and Client Secret copied from the Google API console into the respective fields.

  2. In the Allowed Domain field, enter the domains where Appsmith accepts sign-ins via Google. This restricts access to specified domains, ensuring only users with emails from these domains can log in through Google.

  3. Once you have added the details, click the Save & Restart button to save the configuration and restart the instance.

info

If you're running Appsmith on a Kubernetes cluster with an HA configuration, after completing the setup, run the following command to ensure the new authentication settings are properly applied:

kubectl rollout restart deployment/appsmith -n

After the Appsmith instance restarts, try logging in again to your account. You'll see a login screen with the Google Login button.

Image

Further reading