# Google Sign-In

Curiosity supports user authentication via Google Sign-In. This allows users to access the workspace using their Google organization accounts.

# Prerequisites

To configure Google SSO, you will need:

• A Client ID
• A Client Secret
• A Domain for accounts (optional, but recommended)

# Configuration Steps

# 1. Register a Google Application

1. Go to the Google Cloud Console.
2. Create a new project (e.g., "Curiosity SSO").
3. Navigate to OAuth consent screen, select Internal, and click Create.
4. Provide the required application details and save.
5. Go to Credentials, click + Create Credentials, and select OAuth client ID.
6. Choose Web application as the application type.
7. Add the Authorized redirect URI: {domain}/api/googlesso/completed-login-attempt
8. Click Create and note down the Client ID and Client Secret.

# 2. Enter Details in Curiosity

1. In your Curiosity Workspace, navigate to Manage > Settings > Accounts > Single Sign-On.
2. Select Google.
3. Enter the Client ID and Client Secret.
4. (Optional) Enter the Domain for accounts to restrict login to a specific Google domain.
5. Click Save.

# Troubleshooting

• Invalid Client ID: Google will display an error immediately upon redirection.
• Invalid Client Secret: Redirection to Google works, but an error occurs when returning to Curiosity.
• Redirect URI Mismatch: Ensure the URI in Google Console exactly matches your workspace URL.