. In the Google dashboard for your Google app, in the Navigation menu on the left side, hover over *APIs & Services* and then click on the *OAuth consent screen* option. Create a consent screen, ensuring that the user type of the consent screen is *External*.
. Enter the required scopes into the *Default Scopes* field. By default, {project_name} uses the following scopes: `openid` `profile` `email`. See the https://developers.google.com/oauthplayground/[OAuth Playground] for a list of Google scopes.
. To restrict access to your GSuite organization's members only, enter the G Suite domain into the `Hosted Domain` field.