search

Sign In With Google

hashtag
Prerequisites

Before enabling Google SSO for an app you will need to setup a project on Google Cloud Console. This project will be used to setup SSO (OAuth) for Google Sign Ins. A good naming convention is to name your project the same as your app name.

If the app is being deployed to Google Play you must at least have a preview published. This ensure you have the required SHA1 fingerprint needed.

hashtag
Setup Consent Screen

Once you have setup your project on Google Cloud. Your next step is to create consent screen. This screen is shown to users signing in with Google. Full documentation

  1. Setup Consent Screen. Follow the steps documented to register the app. Depending on your use case you will select one of the following for your for your sign in audience: Internal. Limit authorisation requests to members of the organisation, this means users that are part of your organisation. External. Available to any user with a Google Account.

  2. Home Page Link. This should be a link to your support or marketing website for the app.

  3. Policy & Terms Link. Enter the EULA (End-user license agreement) for both. You can find the app's EULA in policy & content on Raven.

  4. Authorized domains. Enter the top level domains for the platform and primary app domain. For example falkor.io & myapp.web.app.

  5. Scopes. Select Add or Remove Scopes and select userinfo.email & userinfo.profile and select update.

hashtag
Setup For Web

Once the consent screen has been correctly setup you can now setup Sign In With Google. These steps are performed on Google Cloud and Raven.

  1. Create Credentials. While viewing your project select the main menu and navigate to Credentials found in APIs & Services. Select Create Credentials then OAuth Client ID.

  2. Credentials Setup. Select Web Application as the type and name the credential. A good naming convention is your app's name plus the credential type. So for example: "My App Web". This will help separate credentials clearly for other credential types.

  3. Authorized JavaScript origins. This will be the app's primary domain found in Raven. If setting up a preview leave this blank or add the app's preview link. However when going live you must add in the app's primary domain.

  4. Authorized redirect URIs. This will be found in App Settings in Raven. Go to App Settings and look for Sign In Options and select setup on Google. In this screen your will see several redirect URIs, copy the links and add each as a Authorized redirect URI.

  5. Register Client ID & Secret on Raven. Once you have setup your credential on Google Cloud you will be presented your Client ID & Secret. Copy both values into Raven Google Setup where you found the redirect URI.

  6. Enable on Raven. Once you have setup Sign In With Google for the app on Raven correctly. Select the enable switch to turn on. If you have set the mode to preview, Sign In With Google will only appear on preview releases of the app.

  7. Going Live Internal User. If the User Type is internal for the Google Setup is internal, you simple need to set the mode to live on Raven.

  8. Going Live External. If the Users Type is set to external for the Google Setup, you will need to first need to submit to Google for review (see below). Once approved, set the mode to live on Raven.

hashtag
Submit to Google For Review (Optional)

If your OAuth is set for external users you will need to submit to Google for Review. To do this go to OAuth in Google Cloud. Found in APIs & Services. You will need to provide the following for Review.

  1. An official link to your app's Privacy Policy

  2. A YouTube video showing how you plan to use the Google user data you get from scopes

  3. All your domains verified in Google Search Console

You should not need to provide an written explanation for sensitive or restrictive data as you would have only selected profile information.

hashtag
Setup For Android

Before setting up for Android, you must at least have a preview release on Google play. This is to ensure you are able to retrieve a SHA1 Fingerprint from Google Play. You will also be required to create two setups for Android each with different SHA1 Fingerprints.

  1. SHA1 Fingerprints From Google Play. Open you app on Google Play Console and navigate to Setup, then App integrity. Select App Signing and take note of the two SHA1 fingerprints under App signing key certificate & Upload key certificate. You will need these both in later steps.

  2. Create OAuth client ID Android.

  3. Package Name

  4. SHA1 Fingerprint From Google Play

  5. Store client ID on App Manager

hashtag
Setup for iOS

Before setting up for Apple, you must at least have a preview (TestFlight) release on AppStore Connect and will be required to set up a related service ID.

  1. Enable Sign in With Apple. On Apple Developer open your App ID configuration and enable Sign in With Apple, then select Save.

  2. Package Name

  3. App Store ID

  4. Team ID

PreviousSign In With GitHubNextSign In With Microsoft

Last updated