# Google Authentication in Linux

> To connect to Google Services through a remote Sisense server, you need to create a Google application to obtain OAuth 2.0 client credentials from Google and then add those credentials to a manifest file on your Sisense Server.

*Source: https://docs.sisense.com/main/SisenseLinux/google-authentication-in-linux.htm*

---

Last updated: June 10, 2026

|  |  |
| --- | --- |
| [Tier](https://www.sisense.com/pricing/#pricing) | [Deployment](https://docs.sisense.com/main/SisenseLinux/introduction-to-sisense-cloud-managed-services.md#ComparisonofManagedCloudandSelfHosted) |
| Enterprise | Cloud     On-Prem |

When you connect to Google from Sisense, you can authenticate your account with your Google credentials if you are
working from the localhost. If however, you are connecting remotely to the Sisense server, and the address of the
Sisense Web Application is something other than localhost, Google requires that you connect using the OAuth 2.0
protocol. The OAuth 2.0 authorization framework enables a third-party, in this case, Sisense, to obtain limited
access to an HTTP service such as Google Sheets.

To connect to Google Services through a remote Sisense server, you need to create a Google application to obtain
OAuth 2.0 client credentials from Google and then add those credentials to a manifest file on your Sisense Server.

**Note:**
  

Google Authentication is not supported by the Sisense mobile application because Google applies a restriction on
mobile applications using WebView components. For more information, see [Modernizing OAuth interactions in Native Apps for Better Usability and Security](https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html).

  

## Creating a Google Application

Google OAuth 2.0 requires you to create a Google API Console project and set up authorized JavaScript origins and
redirect URIs. Sisense has built-in credentials for the default Google application so you can connect from
localhost. For security reasons, you should create and set up your own Google application to support the Google
OAuth 2.0 protocol. Your Sisense Administrator needs to configure it one time (for each connector with OAuth 2.0
authorization flow after each installation). The Google OAuth2.0 flow will work for all users after it.

**To create a Google application:**

1. Prepare a Linux Virtual Machine with internal domain access.
2. Go to the [Google API
   Console](https://console.developers.google.com/project/_/apiui/apis/library).
3. Select an existing project or create a new one by selecting **CREATE PROJECT**.
     
   ![image.png](https://docs.sisense.com/main/Resources/Images/image(120).png)

   If you are creating a new project, go to Step 4. If you select an existing project, go to Step 5.
4. In the **New Project** area, define a project name and select a location. Click
   **CREATE**.
     
   ![Image(121)](https://docs.sisense.com/main/Resources/Images/image(121).png)
5. The API Library opens. Click **← API Library** on the top left to close it.
6. In the sidebar under "APIs & Services", select **Credentials**.
7. If this is a new project, click **CONFIGURE CONSENT SCREEN**.
8. In the OAuth consent screen, select the user type:
   - **Internal**: only for users in your organization
   - **External**: for any user with a Google account
9. Click **CREATE**.
10. In **Authorized domains**, enter the domains from where you will connect to the Google API, for
    example, yourcompanyname.com. Then click **Save**.

    **Note:**  

    If you are configuring remote access for SSL setup servers (https://), make sure that both the authorized
    domain and the callback url are configured with the https prefix.
11. In the sidebar, click **Credentials**.
12. Click **+ CREATE CREDENTIALS** and select **OAuth client ID**.
      
    ![Image(122)](https://docs.sisense.com/main/Resources/Images/image(122).png)
13. Under **Application type**, select **Web application** (more information [here](https://support.google.com/googleapi/answer/6158849)).

    In the **Name** field, you can enter the name you will see in the console.
14. In the **Authorized JavaScript origins** field, enter the origin for your app - a unique
    combination of protocol, hostname, and port. You can enter multiple origins to allow for your app to run on
    different protocols, domains, or subdomains. You cannot use public IP addresses, wildcards, paths and trailing
    slashes. Do not use localhost for production for security reasons (only dev, test and staging environments).
      
    `http://localhost:8080`  
    `https://myproductionurl.example.com`
15. The **Authorized redirect URI** is the path in your application that users are redirected to after
    they have authenticated with Google. The path will be appended with the authorization code for access. For
    example, for Google BigQuery it would be: `http://APP_URL/oauth/R29vZ2xlQmlnUXVlcnk=/callback`.
16. Press **Enter**.

    **Note:**  
    - Must have a protocol
    - Cannot contain URL fragments or relative paths
    - Cannot be a public IP address
17. The redirect URI must match the client side domain and be added to console APIs or you will get a
    redirect\_uri\_mismatch error.

    **Note:**  

    If you are configuring remote access for SSL setup servers (https://), make sure that both the authorized
    domain and the callback URL are configured with the https prefix.

      

    **Google Sheets:** `http://APP_URL/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback`  
    **Google Analytics:** `http://APP_URL/oauth/R29vZ2xlQW5hbHl0aWNz/callback`  
    **Google Ads:** `http://APP_URL/oauth/R29vZ2xlQWR3b3Jkcw==/callback`  
    **Google BigQuery:** `http://APP_URL/oauth/R29vZ2xlQmlnUXVlcnk=/callback`

    For Sisense it should be in format:

    `http://APP_URL/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback`  
    where `'/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback'` is a hardcoded immutable string.

    For example,

    `http://APP_URL/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback`

    If you are using a base URL, the format of the callback will be:

    `http://APP_URL/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback`

    For example:

    `https://APP_URL/reporting/oauth/R29vZ2xlIFNwcmVhZHNoZWV0cw==/callback`  
    where base URL is 'https://APP\_URL/reporting'. The origin for this base URL will be
    `'https://baseurl.sisense.com'`.

    **Note:**  

    The Google OAuth2.0 redirect URL does not allow spaces, so Sisense has encoded the provider's name (Google
    Spreadsheets) into the base64 format `- R29vZ2xlIFNwcmVhZHNoZWV0cw==`. If you want to use
    another OAuth2.0 connector, you should add on this step redirect URL with appropriate base64 encoded
    provider name.
18. Click **Create**. In the OAuth section, you will receive your client ID and secret.
19. Copy the client ID and secret. You will need to add these credentials in the Connection window.
20. In the sidebar under "APIs & Services", select **Library**.
      
    ![image.png](https://docs.sisense.com/main/Resources/Images/image(123).png)

    Search for the relevant Google API, open it and click **Enable** (note that the first three are
    required if connecting to Google Sheets).

    - Google Drive API
    - Google Cloud Storage JSON API
    - Google Sheets API
    - Google Analytics Reporting API (this one is enabled by default, but it can be disabled if you have
      custom configuration in your project)

## Creating a New Connection

To create new connection for building data models, follow the instructions for the corresponding connector — [Connecting to Google Sheets](https://docs.sisense.com/main/SisenseLinux/connecting-to-google-sheets.md) or [Connecting to Google BigQuery](https://docs.sisense.com/main/SisenseLinux/connecting-to-google-bigquery.md).
