Google OAuth Setup

​

Setting up the Google Cloud App

​

Enabling the People API

​

Setting up the OAuth Consent Screen

1. Go to APIs & Services in the left sidebar.
2. Select OAuth Consent Screen.

• Choose Internal if your organization uses Google Workspace.
• Otherwise, choose External.

• App name: Hymalaia (or any name you prefer)
• User support email: Your email (or support@hymalaia.com)
• App logo: Optional (use the Hymalaia logo or leave blank)
• Developer contact information: Your email (or support@hymalaia.com)

​

Setting up Credentials

1. Go to Credentials in the sidebar.
2. Click + CREATE CREDENTIALS → OAuth client ID.
3. Select Web application and name it Hymalaia.
4. Set Authorized JavaScript origins:

http://localhost:3000
https://<WEB_DOMAIN>  // e.g. https://www.hymalaia.com

5. Set Authorized redirect URIs:

http://localhost:3000/auth/oauth/callback
https://<WEB_DOMAIN>/auth/oauth/callback

​

Turning on OAuth in Hymalaia

AUTH_TYPE=google_oauth
OAUTH_CLIENT_ID=<your client id>
OAUTH_CLIENT_SECRET=<your client secret>

WEB_DOMAIN=https://<your-domain>

​

Non-Containerized Setup

• Backend API uses the variables.
• Frontend queries the API to determine the auth setting.

​

Docker Compose

AUTH_TYPE=google_oauth
OAUTH_CLIENT_ID=<your client id>
OAUTH_CLIENT_SECRET=<your client secret>
WEB_DOMAIN=https://<your-domain>

​

Kubernetes

apiVersion: v1
kind: Secret
metadata:
  name: hymalaia-oauth-secret
  namespace: hymalaia
stringData:
  OAUTH_CLIENT_ID: <base64-client-id>
  OAUTH_CLIENT_SECRET: <base64-client-secret>