To enable login with Google you first have to create a project and a client in the Google Developer Console. Then you need to copy the client id and secret into the Keycloak Admin Console. Log in to the Google Developer Console. Click the Create Project button. Use any value for Project name and Project ID you want, then click the Create button. Wait for the project to be created (this may take a while). Once the project has been created click on APIs & auth in sidebar on the left. To retrieve user profiles the Google+ API has to be enabled. Scroll down to find it in the list. If its status is OFF, click on OFF to enable it (it should move to the top of the list and the status should be ON). Now click on the Consent screen link on the sidebar menu on the left. You must specify a project name and choose an email for the consent screen. Otherwise users will get a login error. There's other things you can configure here like what the consent screen looks like. Feel free to play around with this. Now click Credentials in the sidebar on the left. Then click Create New Client ID. Select Web application as Application type. Empty the Authorized Javascript origins textarea. In Authorized redirect URI enter the social callback url for your realm. Click the Create Client ID button. Copy Client ID and Client secret from the Google Developer Console into the settings page in the Keycloak Admin Console as the Key and Secret. Then click Save in the Keycloak Admin Console to enable login with Google.