Configuring Google Workspace as an Identity Provider for AchieveIt
1. Login to the Google API Console.
2. Create a new Project:
3. Configure the OAuth consent screen.
-
- Select the Internal User Type and click Create:
- Enter an App name.
- Under App domain, enter https://my.achieveit.com as the Application home page.
- Under Authorized Domains, click Add Domain, enter auth0.com, click Add Domain again, enter achieveit.com.
- Under Developer contact info, enter support@achieveit.com:
- Click Save and Continue.
- On the Scopes page, Click Add or Remove Scopes.
- Select the userinfo.email scope and click Update:
- Click Save and Continue.
- On Test Users page, click Save and Continue.
- Select the Internal User Type and click Create:
4. Create the Credentials.
-
- Click Credentials from left navigation bar.
- Click Create Credentials and select OAuth client ID:
- From the Application Type dropdown, select Web Application.
- Enter any name for the application.
- Under Authorized JavaScript origins, click Add URI, and enter https://achieve-it.auth0.com.
- Under Authorized Redirect URIs, click Add URI, and enter https://achieve-it.auth0.com/login/callback:
- Click Create
- Upon creation, Google will generate a Client ID and Client Secret. Copy these values.
5. If you have a Google Workspace enterprise domain, you must enable the Admin Service SDK. See here for Google's documentation to enable this service: https://support.google.com/googleapi/answer/6158841
6. Send your AchieveIt technical contact your Google Workspace domain url, client ID, and client secret and await further instructions.