NextERP/documentation
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
18.0
documentation/content/applications/general/users/google.md

176 lines
5.9 KiB
Markdown
Raw Permalink Normal View History

convert rst to markdown
2025-02-27 18:56:07 +07:00
# Google Sign-In Authentication
The *Google Sign-In Authentication* is a useful function that allows Odoo users to sign in to their
database with their Google account.
This is particularly helpful if the organization uses Google Workspace, and wants employees within
the organization to connect to Odoo using their Google Accounts.
:::{warning}
Databases hosted on Odoo.com should not use Oauth login for the owner or administrator of the
database as it would unlink the database from their Odoo.com account. If Oauth is set up for that
user, the database will no longer be able to be duplicated, renamed or otherwise managed from
the Odoo.com portal.
:::
:::{seealso}
- {doc}`/applications/productivity/calendar/google`
- {doc}`../email_communication/google_oauth`
:::
(google-sign-in-configuration)=
## Configuration
The integration of the Google sign-in function requires configuration both on Google *and* Odoo.
(google-sign-in-api)=
### Google API Dashboard
1. Go to the [Google API Dashboard](https://console.developers.google.com/).
2. Make sure the right project is opened. If there isn't a project yet, click on {guilabel}`Create
Project`, fill out the project name and other details of the company, and click on
{guilabel}`Create`.
```{image} google/new-project-details.png
:align: center
:alt: Filling out the details of a new project.
```
:::{tip}
Choose the name of the company from the drop-down menu.
:::
(google-sign-in-oauth)=
#### OAuth consent screen
1. On the left side menu, click on {menuselection}`OAuth consent screen`.
```{image} google/consent-selection.png
:align: center
:alt: Google OAuth consent selection menu.
```
2. Choose one of the options ({guilabel}`Internal` / {guilabel}`External`), and click on
{guilabel}`Create`.
```{image} google/consent.png
:align: center
:alt: Choice of a user type in OAuth consent.
```
:::{warning}
*Personal* Gmail Accounts are only allowed to be **External** User Type, which means Google
may require an approval, or for *Scopes* to be added on. However, using a *Google WorkSpace*
account allows for **Internal** User Type to be used.
Note, as well, that while the API connection is in the *External* testing mode, then no
approval is necessary from Google. User limits in this testing mode is set to 100 users.
:::
3. Fill out the required details and domain info, then click on {guilabel}`Save and Continue`.
4. On the {menuselection}`Scopes` page, leave all fields as is, and click on {guilabel}`Save and
Continue`.
5. Next, if continuing in testing mode (*External*), add the email addresses being configured under
the {guilabel}`Test users` step by clicking on {guilabel}`Add Users`, and then the
{guilabel}`Save and Continue` button. A summary of the app registration appears.
6. Finally, scroll to the bottom, and click on {guilabel}`Back to Dashboard`.
(google-sign-in-credentials)=
#### Credentials
1. On the left side menu, click on {menuselection}`Credentials`.
```{image} google/credentials-button.png
:align: center
:alt: Credentials button menu.
```
2. Click on {guilabel}`Create Credentials`, and select {guilabel}`OAuth client ID`.
```{image} google/client-id.png
:align: center
:alt: OAuth client id selection.
```
3. Select {guilabel}`Web Application` as the {guilabel}`Application Type`. Now, configure the
allowed pages on which Odoo will be redirected.
In order to achieve this, in the {guilabel}`Authorized redirect URIs` field, enter the database's
domain immediately followed by `/auth_oauth/signin`. For example:
`https://mydomain.odoo.com/auth_oauth/signin`, then click on {guilabel}`Create`.
4. Now that the *OAuth client* has been created, a screen will appear with the {guilabel}`Client ID`
and {guilabel}`Client Secret`. Copy the {guilabel}`Client ID` for later, as it will be necessary
for the configuration in Odoo, which will be covered in the following steps.
(google-sign-in-auth-odoo)=
### Google Authentication on Odoo
(google-sign-in-client-id)=
#### Retrieve the Client ID
Once the previous steps are complete, two keys are generated on the Google API Dashboard:
{guilabel}`Client ID` and {guilabel}`Client Secret`. Copy the {guilabel}`Client ID`.
```{image} google/secret-ids.png
:align: center
:alt: Google OAuth Client ID generated.
```
(google-sign-in-odoo-activation)=
#### Odoo activation
1. Go to {menuselection}`Odoo General Settings --> Integrations` and activate {guilabel}`OAuth
Authentication`.
:::{note}
Odoo may prompt the user to log-in again after this step.
:::
2. Go back to {menuselection}`General Settings --> Integrations --> OAuth Authentication`, activate
the selection and {guilabel}`Save`. Next, return to {menuselection}`General Settings -->
Integrations --> Google Authentication` and activate the selection. Then fill out the
{guilabel}`Client ID` with the key from the Google API Dashboard, and {guilabel}`Save`.
```{image} google/odoo-client-id.png
:align: center
:alt: Filling out the client id in Odoo settings.
```
:::{note}
Google OAuth2 configuration can also be accessed by clicking on {guilabel}`OAuth Providers`
under the {guilabel}`OAuth Authentication` heading in {menuselection}`Integrations`.
:::
(google-sign-in-log-in)=
## Log in to Odoo with Google
To link the Google account to the Odoo profile, click on {guilabel}`Log in with Google` when first
logging into Odoo.
> ```{image} google/first-login.png
> :align: center
> :alt: Reset password screen with "Log in with Google" button.
> ```
Existing users must {ref}`reset their password <users/reset-password>` to access the
{menuselection}`Reset Password` page, while new users can directly click on {guilabel}`Log in with
Google`, instead of choosing a new password.
:::{seealso}
- [Google Cloud Platform Console Help - Setting up OAuth 2.0](https://support.google.com/cloud/answer/6158849)
:::
Reference in New Issue Copy Permalink