tiennm99/danswer-docs
1
0
Fork 0
mirror of https://github.com/tiennm99/danswer-docs.git synced 2026-06-17 16:48:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7ee849fa631cea667f04a45fdb340e73591b9e9e
danswer-docs/google_oauth_setup.mdx
T
Yuhong Sun 32223a6431 Added Google OAuth setup page
2023-07-15 18:54:58 -07:00

82 lines
2.8 KiB
Plaintext
Raw Blame History

---
title: "Google OAuth Setup"
description: "How to set up user login via Google OAuth"
---
## Setting up the Google Cloud App
Create a google project: https://console.cloud.google.com/projectcreate
## Enabling the People API
Enable the **Google People API** here: https://console.cloud.google.com/apis/library/people.googleapis.com
Be sure to have the right project selected.
## Setting up the OAuth Consent Screen
Go to **APIs & Services** on the left hand tab (see image below).
Then select **OAuth Consent screen** page.
![GoogleOAuthConsentMenu](/images/google_oauth_setup/GoogleOAuthConsentMenu.png)
Under OAuth Consent screen select either Internal or External
- Companies with a **Google Workspace** should choose `Internal`
- Otherwise choose `External`
On the next page:
- Provide an app name (can go with `Danswer`)
- Provide any email you own (or danswer.dev@gmail.com if you want us to handle questions from your Danswer users)
- Upload the Danswer logo (or leave blank)
- The **Developer contact information** can be any email you own (or again, danswer.dev@gmail.com)
![GoogleApp](/images/google_oauth_setup/GoogleApp.png)
Leave the optional fields blank
Click **SAVE AND CONTINUE**
Leave the next two pages for **Scopes** and **Test users** blank.
## Setting up Credentials
Still under **APIs & Services**, go to **Credentials** on the left hand bar
Click on **+CREATE CREDENTIALS** and choose `OAuth client ID`
Select `Web application` then call it `Danswer`
Add a `Authorized JavaScript origins` as:
- `http://localhost:3000` for local or replace with `WEB_DOMAIN` if setting up for prod.
Add a `Authorized redirect URIs` as:
- `http://localhost:3000/auth/google/callback` for local setup or your `WEB_DOMAIN` if setting up for prod.
Click **CREATE** and save the Client ID and Client Secret for use in the next section
## Turning on OAuth in Danswer
OAuth is controlled by 4 environment variables, regardless of deployment choice
(non-containerized, docker compose, kubernetes). To turn the feature on set:
- `DISABLE_AUTH=False`
- `ENABLE_OAUTH=True`
- `GOOGLE_OAUTH_CLIENT_ID=<your client id from above>`
- `GOOGLE_OAUTH_CLIENT_SECRET=<your client secret from above>`
### Non Dockerized
Simply set the above environment variables when running the different Danswer processes.
### Docker Compose
If using **docker-compose.dev.yaml**, `DISABLE_AUTH` is set to `True` by default in the yaml file which has higher
priority than the **.env** file. Make sure to delete `DISABLE_AUTH` from the dev yaml.
If using the **docker-compose.prod.yaml**, `DISABLE_AUTH` is not set so no need to edit the yaml.
Then set the 4 environment variables in a file called **.env** under **danswer/deployment/docker_compose**.
### Kubernetes
Simply replace the `REPLACE-THIS` values in secrets.yaml with thebase64 encoded client ID and client secret from above.
Reference in New Issue View Git Blame Copy Permalink