[[_google]] ==== Google .Procedure . Click *Identity Providers* in the menu. . From the `Add provider` list, select `Google`. + .Add identity provider image:images/google-add-identity-provider.png[Add Identity Provider] + . In a separate browser tab open https://console.cloud.google.com/[the Google Cloud Platform console]. . In the Google dashboard for your Google app, click the *OAuth consent screen* menu. Create a consent screen, ensuring that the user type of the consent screen is external. . In the Google dashboard: .. Click the *Credentials* menu. .. Click *CREATE CREDENTIALS* - *OAuth Client ID*. .. From the *Application type* list, select *Web application*. .. Click *Create*. .. Note *Your Client ID* and *Your Client Secret*. . In {project_name}, paste the value of the *Your Client ID* into the *Client ID* field. . In {project_name}, paste the value of the *Your Client Secret* into the *Client Secret* field. . Click *Add* . Enter the required scopes into the *Default Scopes* field. By default, {project_name} uses the following scopes: `openid` `profile` `email`. See the https://developers.google.com/oauthplayground/[OAuth Playground] for a list of Google scopes. . To restrict access to your GSuite organization's members only, enter the G Suite domain into the `Hosted Domain` field. . Click *Save*.