SSO With Google

Last modified on May 20, 2025

This guide provides step-by-step instructions on how to configure single sign-on (SSO) with Google. You already use Google to conveniently manage permissions to applications. After SSO configuration is complete, you’ll also be able to use Google to manage permissions to your Datasources.

Steps

  1. First, enable API access. From the Google Admin console, navigate to the Security tab. Under API reference, enable API access.
  2. Navigate to https://console.developers.google.com and click Create Project. On the New Project dialog, set the following:
    • Project name: Give the project a name.
    • Organization: Select strongdm.com.
    • Location: Select strongdm.com.
  3. From the APIs & Services menu, select OAuth consent screen. Then select user type Internal and click Create.
  4. On the Branding page, set the following (in addition to any required fields):
    • Application home page: Enter the appropriate value based on your region (https://app.strongdm.com).
    • Authorized domains: Add strongdm.com as the domain.
  5. From the APIs & Services menu, select Credentials and then click Create Credentials to create a new OAuth client ID. On the page that opens, set the following:
    • Application type: Select Web application.
    • Name: Enter StrongDM.
    • Authorized JavaScript origins: Enter the appropriate value based on your region as the URI (https://app.strongdm.com).
    • Authorized redirect URIs: Enter the appropriate value as the redirect URI (https://app.strongdm.com/auth/return).
  6. Copy the OAuth client ID and client secret. You will need them in a later step.
  7. Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:
    • Provider: Select Google.
    • Single sign-on URL: Add your URL (https://accounts.google.com).
    • Client ID: Paste your client ID.
    • Client Secret: Paste your client secret.
  8. Select your desired general SSO settings and click activate.
  1. First, enable API access. From the Google Admin console, navigate to the Security tab. Under API reference, enable API access.
  2. Navigate to https://console.developers.google.com and click Create Project. On the New Project dialog, set the following:
    • Project name: Give the project a name.
    • Organization: Select strongdm.com.
    • Location: Select strongdm.com.
  3. From the APIs & Services menu, select OAuth consent screen. Then select user type Internal and click Create.
  4. On the Branding page, set the following (in addition to any required fields):
    • Application home page: Enter the appropriate value based on your region (https://app.uk.strongdm.com).
    • Authorized domains: Add strongdm.com as the domain.
  5. From the APIs & Services menu, select Credentials and then click Create Credentials to create a new OAuth client ID. On the page that opens, set the following:
    • Application type: Select Web application.
    • Name: Enter StrongDM.
    • Authorized JavaScript origins: Enter the appropriate value based on your region as the URI (https://app.uk.strongdm.com).
    • Authorized redirect URIs: Enter the appropriate value as the redirect URI (https://app.uk.strongdm.com/auth/return).
  6. Copy the OAuth client ID and client secret. You will need them in a later step.
  7. Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:
    • Provider: Select Google.
    • Single sign-on URL: Add your URL (https://accounts.google.com).
    • Client ID: Paste your client ID.
    • Client Secret: Paste your client secret.
  8. Select your desired general SSO settings and click activate.
  1. First, enable API access. From the Google Admin console, navigate to the Security tab. Under API reference, enable API access.
  2. Navigate to https://console.developers.google.com and click Create Project. On the New Project dialog, set the following:
    • Project name: Give the project a name.
    • Organization: Select strongdm.com.
    • Location: Select strongdm.com.
  3. From the APIs & Services menu, select OAuth consent screen. Then select user type Internal and click Create.
  4. On the Branding page, set the following (in addition to any required fields):
    • Application home page: Enter the appropriate value based on your region (https://app.eu.strongdm.com).
    • Authorized domains: Add strongdm.com as the domain.
  5. From the APIs & Services menu, select Credentials and then click Create Credentials to create a new OAuth client ID. On the page that opens, set the following:
    • Application type: Select Web application.
    • Name: Enter StrongDM.
    • Authorized JavaScript origins: Enter the appropriate value based on your region as the URI (https://app.eu.strongdm.com).
    • Authorized redirect URIs: Enter the appropriate value as the redirect URI (https://app.eu.strongdm.com/auth/return).
  6. Copy the OAuth client ID and client secret. You will need them in a later step.
  7. Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:
    • Provider: Select Google.
    • Single sign-on URL: Add your URL (https://accounts.google.com).
    • Client ID: Paste your client ID.
    • Client Secret: Paste your client secret.
  8. Select your desired general SSO settings and click activate.