SSO
Google Workspace SSO
Use this guide when your organization signs in with Google Workspace accounts. Lettermint uses Google's OpenID Connect discovery document and an OAuth 2.0 web application client.
Before you start
You need access to the Google Cloud project used for your Workspace login configuration. Google requires an OAuth 2.0 client ID and client secret, and the redirect URI registered in Google Cloud must exactly match the Lettermint OIDC callback URL from the SSO guide.
Google Cloud setup
- Open the Google Cloud Console.
- Create or select the project that should own the OAuth client.
- Configure the OAuth consent screen for your organization.
- Create an OAuth client ID with application type Web application.
- Add the Lettermint OIDC callback URL from the SSO guide as an authorized redirect URI.
- Copy the client ID and client secret.
Lettermint setup
In the Lettermint SSO setup screen, choose Google Workspace and enter:
| Field | Value |
|---|---|
| Domain | Your Workspace email domain, for example example.com. |
| Metadata URL | https://accounts.google.com/.well-known/openid-configuration |
| Client ID | The OAuth client ID from Google Cloud. |
| Client secret | The OAuth client secret from Google Cloud. |
Lettermint requests the openid, email, and profile scopes.
References
Last modified on