Enable BigQuery OAuth connections (Helm)

This document will walk you through the process of setting up OAuth connections in your CARTO Self-hosted installation, enabling secure and seamless authentication when creating your BigQuery connections from the CARTO platform.

Pre-requisites

1. Create an OAuth Consent Screen inside your Google Cloud Platform project

The first thing that has to be configured is an OAuth consent screen to allow the creation of OAuth connections. You'll have to navigate to APIs & Services > OAuth consent screen and enable this by filling up the application name, a support email for your consent screen, the authorized domain for your application and an email for developer contact. The authorized domain you choose should be the one used in the emails that will to use that feature..

The following are required to be able to create a BigQuery OAuth connection from CARTO platform.

• https://www.googleapis.com/auth/userinfo.email

• https://www.googleapis.com/auth/userinfo.profile

• https://www.googleapis.com/auth/bigquery

2. Create an OAuth credentials

Navigate to APIs & Services > Credentials > Create credentials to access the OAuth credentials creation form. The following details will be required to create the OAuth client ID:

• Application type: Web application.

• Authorized JavaScript origins: https://<your_selfhosted_domain>.

• Authorized redirect URIs: https://<your_selfhosted_domain>/connections/bigquery/oauth.

Once the create button is clicked, you should be able to download the credentials generated for your application. These credentials will contain the required client_id and client_secret to enable OAuth connections in the CARTO installation.

Setup

Add the following lines to your customizations.yaml using the values you obtained from the credentials file:

Once you've configured your CARTO Self-Hosted platform to use the OAuth credentials created in GCP, the Sign in with Google button should be available creating a BigQuery connection from the Workspace