Google OpenID Setup

This guide walks through a basic setup allowing Google users to authenticate with your Kasm deployment.

Reference Docs:

Creating a Google OAuth App

  1. Login to the Google Developer Console:

  2. Select OAuth consent screen.

  3. Select External then click Create.


In this example, we walk through creating an integration where any Google user can auth with the Kasm app. This is ideal for a public facing deployment. Choose Internal if only user from your Google Workspaces corporate account should be allowed to authenticate.


OAuth Consent

  1. Provide values for the App Name , User support email, and Developer Contact email.

  2. In the Authorized Domains section, enter your deployment’s top private domain (e.g

  3. Click Save and Continue.


App Registration

  1. Click Add or Remove Scopes.

  2. In the Update Selected Scopes window check .../auth/ , then click Update.


Update Selected Scopes

  1. Click Save and Continue.

  2. Until the app is fully verified and published it can only be used to auth specific test accounts. Click Add Users to authorize several test google accounts.

  3. Click Save and Continue.

  4. In the APIs & Services menu, select Credentials.

  5. Select Create Credentials, then OAuth client ID.


Create Credentials

  1. Select Web Application as the Application type, then give the client a name (e.g Kasm).

  2. Click Add URI in the Authorized redirect URIs section, and enter https://<kasm deployment hostname>/api/oidc_callback.

  3. Click Create.


Create OAuth Client

17. A dialogue will display with a Client ID and Client Secret. Save these values for the next configuration steps. The JSON download will also include URLs needed for the next configuration steps.


Client ID and Client Secret

Kasm OpenID Config

  1. Log into the Kasm UI as an administrator.

  2. Select Access Management -> Authentication -> OpenID -> Add Config.

  3. Update the form with the following entries, using the Client ID and Client Secret gathered in the previous section.



Display Name

Continue with Google

Logo URL



Auto Login






Client ID

<Client ID From Google OAuth App>

Client Secret

<Client Secret from Google OAuth App>

Authorization URL

Token URL

User Info URL



Username Attribute


Groups Attribute





Kasm OIDC Configurations

  1. Click Save to save the changes.

Google Login Test

  1. Logout of the Kasm to display the login screen. The OpenID configuration should be shown.


Login Screens

  1. Click Continue with Google.

  2. The user is redirected to Google for auth.


Google Auth

  1. Upon completion, the user is logged into the Kasm app.