Skip to main content

How to Set Up Google Single Sign-On (SSO) for Your Firm

This guide explains how to enable Google Single Sign-On (SSO) for your Realaml workspace. Once configured, users in your firm will be able to log in using their Google Workspace accounts instead of a password.

Jordan avatar
Written by Jordan
Updated over a week ago

SSO protocol
Realaml uses OpenID Connect (OIDC) built on OAuth 2.0 for Google Single Sign-On. This is a standard, secure identity protocol supported natively by Google Workspace.

Step 1: Open SSO settings in Realaml

  1. Log in to the Realaml dashboard as an admin.

  2. Go to Settings.

  3. Select the SSO tab.

  4. Ensure Single Sign-On (SSO) is enabled.

  5. Select Google as the provider.

Step 2: Open Google Cloud Console

  1. In the SSO section, click Google Cloud Console.

  2. If you do not already have a Google Cloud project, you will be prompted to create one.

Step 3: Create a Google Cloud project

  1. Click Create project.

  2. Enter a project name (for example: Realaml SSO).

  3. Select the appropriate Organisation and Location.

  4. Click Create.

Step 4: Navigate to OAuth credentials

  1. In Google Cloud Console, go to APIs & Services.

  2. Select Credentials.

  3. Click Create credentials.

  4. Choose OAuth client ID.

If prompted, you will need to configure the OAuth consent screen first.

Step 5: Configure the OAuth consent screen

  1. Click Configure consent screen.

  2. You will be taken to the Branding section.

  3. Click Get started.

App information

  1. Enter an App name (for example: Realaml).

  2. Enter a User support email.

Audience

  1. Select Internal.

    • This restricts access to users within your Google Workspace domain.

  2. Click Next.

Note: Internal only works for Google Workspace domains. Consumer @gmail.com accounts are not supported.
​

Contact information and consent

  1. Enter a contact email address.

  2. Review the details.

  3. Accept the Google API Services User Data Policy.

  4. Click Create.

Step 6: Create an OAuth client ID

  1. After the consent screen is created, click Create OAuth client.

  2. For Application type, select Web application.

  3. Enter a name (for example: Realaml Web App SSO).

Authorized redirect URI

1 - Under Authorized redirect URIs, click Add URI.

2 - Copy the Redirect URL shown in the Realaml SSO settings.

3 - Paste it into Google Cloud.

Authorized JavaScript origins (recommended)

Add the value that matches your Realaml region:

New Zealand (NZ)

https://app.realaml.com

Australia (AU)

https://app-au.realaml.com

Canada (CA)

https://app-ca.realaml.com

4 - Click Create.

Step 7: Copy Client ID and Client Secret

  1. Click the newly created OAuth client.

  2. Copy the Client ID.

  3. Copy the Client Secret.

Step 8: Complete setup in Realaml

  1. Return to the Realaml dashboard.

  2. In Settings > SSO, paste:

    • Client ID

    • Client Secret

  3. Click Save configuration.

  4. Enter your Realaml password to confirm.

Once saved, Google SSO will show as Active.

Step 9: Test Google SSO login

  1. Log out of the Realaml dashboard.

  2. On the login page, enter your email address.

  3. Click Next.

  4. Select your Google account when prompted.

  5. Approve access.

You will be redirected back to the Realaml dashboard.

How SSO works for your team

  • Once enabled, Google SSO applies to all users in your firm who log in with a Google Workspace account.

  • Users no longer need a Realaml password.

  • Access is controlled by your Google Workspace domain.

Do you support SAML?

Realaml does not currently support SAML-based Single Sign-On.

We support OpenID Connect (OIDC) for Google Workspace SSO, which is a modern, secure identity standard built on OAuth 2.0 and supported natively by Google. For most customers using Google Workspace, OIDC is the recommended and preferred approach.

If you need help or run into any issues, contact Realaml support via Intercom or email support@realaml.com

Did this answer your question?