Updated 01/25/2025
If you don't have one, you'll need to setup a Google Project to get your Client ID and Secret. Create a project here
It will make you create a billing account, but using your project for only OAuth is free.
Then create your OAuth client here
| Application type | Web application |
| Name | Portainer |
| Authorized JavaScript origins | https://yourportainersite.com |
| Authorized redirect URIs | https://yourportainersite.com |
| Click Save, then click the Pencil to edit your project. You'll need your Client ID and Client secret below. | |
In Portainer, under Settings > Authentication.
Method: OAuth
Provider: Custom
| Client ID | |
| Client secret | |
| Authorization URL | https://accounts.google.com/o/oauth2/v2/auth |
| Access token URL | https://oauth2.googleapis.com/token |
| Resource URL | https://openidconnect.googleapis.com/v1/userinfo |
| Logout URL | https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http:// ${YOUR_PORTAINER} |
The logout URL is optional. If you use this one, be advised when you click Logout in Portainer, it will log you out of all Google services. I suggest leaving it blank. | |
| User identifier | email |
| Scopes | email |
| Auth Style | Auto Detect |
Click User-related > Users.
Create a user with the Username matching your email address. Set the password to whatever.
Now logout, and you'll see the Google Login button.
If you run into issues, login with your prior account and double check the settings above, and your settings at the Google Console.
Google hosts their OpenID Configuration file [here](https://accounts.google.com/.well-known/openid-configuration)