tiennm99/danswer-docs
1
0
Fork 0
mirror of https://github.com/tiennm99/danswer-docs.git synced 2026-06-17 18:48:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ceef9eca5e4e0e4e04b4c77c4fe31abcbb04a49e
danswer-docs/google_oauth_setup.mdx
T
Yuhong Sun f528cc9798 Update Google OAuth Setup Guide
2023-07-16 16:26:13 -07:00

81 lines
2.8 KiB
Plaintext
Raw Blame History

---
title: "Google OAuth Setup"
description: "How to set up user login via Google OAuth"
---
## Setting up the Google Cloud App
Create a google project: https://console.cloud.google.com/projectcreate
## Enabling the People API
Enable the **Google People API** here: https://console.cloud.google.com/apis/library/people.googleapis.com
Be sure to have the right project selected.
## Setting up the OAuth Consent Screen
Go to **APIs & Services** on the left hand tab (see image below).
Then select **OAuth Consent screen** page.
![GoogleOAuthConsentMenu](/images/google_oauth_setup/GoogleOAuthConsentMenu.png)
Under OAuth Consent screen select either Internal or External
- Companies with a **Google Workspace** should choose `Internal`
- Otherwise choose `External`
On the next page:
- Provide an app name (can go with `Danswer`)
- Provide any email you own (or danswer.dev@gmail.com if you want us to handle questions from your Danswer users)
- Upload the Danswer logo (or leave blank)
- The **Developer contact information** can be any email you own (or again, danswer.dev@gmail.com)
![GoogleApp](/images/google_oauth_setup/GoogleApp.png)
Leave the optional fields blank
Click **SAVE AND CONTINUE**
Leave the next two pages for **Scopes** and **Test users** blank.
## Setting up Credentials
Still under **APIs & Services**, go to **Credentials** on the left hand bar
Click on **+CREATE CREDENTIALS** and choose `OAuth client ID`
Select `Web application` then call it `Danswer`
Add a `Authorized JavaScript origins` as:
- `http://localhost:3000` for local or replace with `WEB_DOMAIN` if setting up for prod.
Add a `Authorized redirect URIs` as:
- `http://localhost:3000/auth/google/callback` for local setup or your `WEB_DOMAIN` if setting up for prod.
Click **CREATE** and save the Client ID and Client Secret for use in the next section
## Turning on OAuth in Danswer
OAuth is controlled by 4 environment variables, regardless of deployment choice
(non-containerized, docker compose, kubernetes). To turn the feature on set:
- `DISABLE_AUTH=False`
- `ENABLE_OAUTH=True`
- `GOOGLE_OAUTH_CLIENT_ID=<your client id from above>`
- `GOOGLE_OAUTH_CLIENT_SECRET=<your client secret from above>`
### Non Containerized
Simply set the above environment variables when running the different Danswer processes.
- The backend api server requires all of them
- The frontend just requires `DISABLE_AUTH=False`
### Docker Compose
Simply set the 4 environment variables in a file called **.env** under **danswer/deployment/docker_compose**.
### Kubernetes
Kubernetes deployment was designed for production use and assumes that user Auth is a required feature therefore it is
on by default. To set up the required values, replace the `REPLACE-THIS` values in secrets.yaml with thebase64 encoded
client ID and client secret from above.
Reference in New Issue View Git Blame Copy Permalink