SigNoz Cloud - This page is relevant for SigNoz Cloud editions.
Self-Host - This page is relevant for self-hosted SigNoz editions.

Single Sign-on Authentication With Google Workspace

Overview

This guide walks you through setting up Google Workspace SSO authentication with SigNoz.

What you'll accomplish:

  • Configure Google Workspace as an identity provider (IdP) for SigNoz
  • Enable your team to access SigNoz using their existing Google Workspace accounts

Prerequisites

Before starting, ensure you have:

  • Google Workspace account with Super-Admin access
  • SigNoz account (Cloud or Self-Hosted) with administrative access
  • Your SigNoz instance URL (e.g., https://signoz.example.com)

Configuration Steps

Step 1: Create OAuth 2.0 Credentials in Google Cloud

  1. Visit the Google Cloud Console → Credentials
  2. Select or create a project for SigNoz
  3. Click Create credentials → OAuth client ID → Web application
  4. Add an Authorized redirect URI:
    https://${SIGNOZ_BASEURL}/api/v1/complete/google
  5. Click Create and note the Client ID and Client Secret. You'll paste these into SigNoz shortly

Step 2: Configure SigNoz for Google Authentication

Now you'll configure SigNoz to accept authentication from Google Workspace:

  1. Navigate to SigNoz Settings:

    • Go to your SigNoz dashboard
    • Click on Settings in the left sidebar
    • Navigate to Organization Settings
    • Click on Authenticated Domains

  2. Add New Domain:

    • Click Add a Domain
    • Enter your company domain (e.g., example.com for users with @example.com emails)

  3. Enter Configuration Details:

    Domain: example.com
Google Client ID: <client-id-from-google>
Google Client Secret: <client-secret-from-google>

    Where to find these values:

    • Domain: The email domain for users who should use SSO (e.g., example.com for users with @example.com emails)
    • Google Client ID: The Client ID from Google Cloud Console
    • Google Client Secret: The Client Secret from Google Cloud Console

  4. Save Configuration:

    • Click Save to apply the Google authentication configuration

Step 3: Enforce SSO

Back in the domain list, toggle Enforce SSO. From now on, all users with the email format <user>@your-email-domain.com will be forced to log in through Google.

Step 4: Test the Setup

Open a private/incognito window and visit your SigNoz URL. You will be redirected to Google for authentication and then back to SigNoz.

Troubleshooting

Common issues and solutions:

  • "Authentication failed" error: Check that the redirect URI exactly matches https://${SIGNOZ_BASEURL}/api/v1/complete/google in Google Cloud
  • Stuck in a login loop: Ensure Enforce SSO is enabled and the user's email domain matches the configured authenticated domain
  • Locked out?: If you're unable to login because of faulty setup, use password authentication by appending ?password=Y to your login URL: <your-instance-url>/login?password=Y

Next Steps

Once Google Workspace SSO is configured:

  • Users with your organization's email domain can sign in without prior invites
  • Admins can manage user roles within SigNoz after they sign in
  • Consider setting up additional security policies in Google Workspace for enhanced security

Last updated: October 21, 2025

Edit on GitHub

Was this page helpful?

Prev
Microsoft Entra ID - SAML Authentication
Next
Statistics Reporting
On this page
Overview
Prerequisites
Configuration Steps
Step 1: Create OAuth 2.0 Credentials in Google Cloud
Step 2: Configure SigNoz for Google Authentication
Step 3: Enforce SSO
Step 4: Test the Setup
Troubleshooting
Next Steps
Docs
IntroductionContributingMigrate from DatadogSigNoz API
Community
Support
Slack
X
Launch Week
Changelog
Dashboard Templates
DevOps Wordle
Newsletter
KubeCon, Atlanta 2025
More
SigNoz vs DatadogSigNoz vs New RelicSigNoz vs GrafanaSigNoz vs Dynatrace
Careers
AboutTermsPrivacySecurity & Compliance
SigNoz
All systems operational