⚠️ Important: TAC does not support SAML configurations, so OpenID Connect (OIDC) must be used.

Step 1: Create a Project in Google Cloud

1. Log in to the Google Cloud Console:
   • Go to Google Cloud Console and sign in with an administrator account.
2. Create a new project:
   • Click on Select a project at the top.
   • Click New project.
   • Enter a name for your project (e.g., TAC-SSO) and select the correct organization.
   • Click Create.

Step 2: Enable OpenID Connect API

1. In the left menu, go to APIs & Services → Dashboard.
2. Click + Enable APIs and Services.
3. Search for Google Identity and select "Google Identity Platform".
4. Click Enable.

Step 3: Create OAuth 2.0 Credentials

1. Go to: APIs & Services → Credentials.
2. Click + Create Credentials → OAuth Client ID.
3. Under Application Type, select Web Application.
4. Fill in the required fields:
   • Name: TAC SSO
   • Authorized redirect URIs:
     • https://tac.touchandcontact.com/Login
     • https://company.touchandcontact.com/Login
5. Click Create.

Step 4: Configure OpenID Connect Scopes

When configuring OpenID Connect for TAC, you must grant the appropriate permissions. The required scopes are: