Google SSO is enabled
Configured via environment variables.
<% if Wabosign::GOOGLE_ALLOWED_DOMAINS.any? %>
Allowed Workspace domain<%= 's' if Wabosign::GOOGLE_ALLOWED_DOMAINS.size > 1 %>:
<%= Wabosign::GOOGLE_ALLOWED_DOMAINS.join(', ') %>.
<% else %>
Warning: no domain allowlist set — any Google account may sign in. Set GOOGLE_ALLOWED_DOMAINS to restrict.
<% end %>
Google SSO is not configured
Set GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, and GOOGLE_ALLOWED_DOMAINS (comma-separated) and restart the app. The OAuth redirect URI to register in Google Cloud Console is <%= "#{root_url}users/auth/google_oauth2/callback" rescue '/users/auth/google_oauth2/callback' %>.
SAML 2.0 SSO is not bundled with this open-source edition. To enable it, add ruby-saml and devise-saml-authenticatable and wire the ACS/SLO/metadata routes; encrypted config is stored under the saml_configs key on the account.