Added Google OAuth setup page

google_oauth_setup.mdx

@@ -0,0 +1,81 @@
+---
+title: "Google OAuth Setup"
+description: "How to set up user login via Google OAuth"
+---
+
+## Setting up the Google Cloud App
+Create a google project: https://console.cloud.google.com/projectcreate
+
+
+## Enabling the People API
+Enable the **Google People API** here: https://console.cloud.google.com/apis/library/people.googleapis.com
+
+Be sure to have the right project selected.
+
+
+## Setting up the OAuth Consent Screen
+Go to **APIs & Services** on the left hand tab (see image below).
+
+Then select **OAuth Consent screen** page.
+
+![GoogleOAuthConsentMenu](/images/google_oauth_setup/GoogleOAuthConsentMenu.png)
+
+Under OAuth Consent screen select either Internal or External
+- Companies with a **Google Workspace** should choose `Internal`
+- Otherwise choose `External`
+
+On the next page:
+- Provide an app name (can go with `Danswer`)
+- Provide any email you own (or danswer.dev@gmail.com if you want us to handle questions from your Danswer users)
+- Upload the Danswer logo (or leave blank)
+- The **Developer contact information** can be any email you own (or again, danswer.dev@gmail.com)
+
+![GoogleApp](/images/google_oauth_setup/GoogleApp.png)
+
+Leave the optional fields blank
+
+Click **SAVE AND CONTINUE**
+
+Leave the next two pages for **Scopes** and **Test users** blank.
+
+
+## Setting up Credentials
+Still under **APIs & Services**, go to **Credentials** on the left hand bar
+
+Click on **+CREATE CREDENTIALS** and choose `OAuth client ID`
+
+Select `Web application` then call it `Danswer`
+
+Add a `Authorized JavaScript origins` as:
+- `http://localhost:3000` for local or replace with `WEB_DOMAIN` if setting up for prod.
+
+Add a `Authorized redirect URIs` as:
+- `http://localhost:3000/auth/google/callback` for local setup or your `WEB_DOMAIN` if setting up for prod.
+
+Click **CREATE** and save the Client ID and Client Secret for use in the next section
+
+
+## Turning on OAuth in Danswer
+OAuth is controlled by 4 environment variables, regardless of deployment choice
+(non-containerized, docker compose, kubernetes). To turn the feature on set:
+- `DISABLE_AUTH=False`
+- `ENABLE_OAUTH=True`
+- `GOOGLE_OAUTH_CLIENT_ID=<your client id from above>`
+- `GOOGLE_OAUTH_CLIENT_SECRET=<your client secret from above>`
+
+
+### Non Dockerized
+Simply set the above environment variables when running the different Danswer processes.
+
+
+### Docker Compose
+If using **docker-compose.dev.yaml**, `DISABLE_AUTH` is set to `True` by default in the yaml file which has higher
+priority than the **.env** file. Make sure to delete `DISABLE_AUTH` from the dev yaml.
+
+If using the **docker-compose.prod.yaml**, `DISABLE_AUTH` is not set so no need to edit the yaml.
+
+Then set the 4 environment variables in a file called **.env** under **danswer/deployment/docker_compose**.
+
+
+### Kubernetes
+Simply replace the `REPLACE-THIS` values in secrets.yaml with thebase64 encoded client ID and client secret from above.

mint.json

@@ -33,6 +33,7 @@
       "pages": [
         "introduction",
         "quickstart",
+        "google_oauth_setup",
         "advanced_setup",
         "slack_bot_setup",
         "contact_us"