Configuration

In your .env file, make sure you have the following value set.

TRACECAT__AUTH_TYPES=google_oauth

Prerequisites

  • Create a Google project. Link here.
  • Enable the Google People API for the created project. Link here.

Instructions

1

Set up OAuth consent screen in Google

Go to APIs & Services and select the OAuth Consent screen page.

  1. Create a new app.
  2. Set Authorized JavaScript origins to the domain you’re serving Tracecat from. For the local Docker Compose deployment, it’ll be http://localhost.
  3. Set the Authorized redirect URIs to: <your-domain>/auth/oauth/callback.

2

Set up credentials in Google

Go to APIs & Services and select the Credentials page.

  1. Under the OAuth 2.0 Client IDs section, select the app you created in the previous step.
  2. You will now see the following Additional Information on the right hand side of the screen.

  1. Copy the Client ID and Client secret in a secure location for storing secrets.
3

Configure environment variables in Tracecat

Go into the .env file and set the following variables:

OAUTH_CLIENT_ID=<your-google-oauth-client-id>
OAUTH_CLIENT_SECRET=<your-google-oauth-client-secret>
4

Restart Tracecat

Run docker compose up.

Basic AuthOkta SAML SSO