Restrict Access with Google Workspace
Google Workspace authentication lets you make a status page private and grant access via existing Google Workspace accounts. Visitors click Sign in with Google, complete the standard Google login flow, and land on your status page — no shared password or separate account needed.
You can optionally restrict access to a specific Workspace domain (e.g. acme.com), so only members of your organisation can log in.
Prerequisite: Private status pages are available on paid plans. Google Workspace authentication is one of the access methods within private mode. See Private Status Pages for an overview of all access methods.
How It Works
- A visitor arrives at your private status page and sees the gate page
- They click Sign in with Google
- Google authenticates them
- If a hosted domain is configured, the platform checks the account’s domain matches
- If authentication succeeds, they are admitted for 1 hour
Prerequisites
- A paid StatusPage.me plan
- A Google Cloud project (free to create)
- Your status page must have Private Mode enabled
Step 1 — Create OAuth Credentials in Google Cloud
- Go to Google Cloud Console and select or create a project
- In the left menu, go to APIs & Services → Credentials
- Click Create Credentials → OAuth 2.0 Client ID
- If prompted, configure the OAuth consent screen first:
- Set User type to Internal (limits login to your Workspace domain only) or External
- Fill in the required fields (app name, support email)
- No scopes need to be added beyond the defaults
- Back in Create OAuth 2.0 Client ID:
- Set Application type to Web application
- Add an Authorized redirect URI (see below)
- Click Create and copy the Client ID and Client Secret
Redirect URI
https://<your-status-page-url>/auth/google/callback
Examples:
https://acme.statuspage.me/auth/google/callbackhttps://status.acme.com/auth/google/callback(if using a custom domain)
Step 2 — Configure in StatusPage.me
- Go to your status page Settings → Access
- Make sure Private Status Page is toggled on
- Click Access Settings
- Expand Google Workspace
- Toggle Enable Google Workspace authentication on
- Enter your Client ID and Client Secret
- Optionally, enter your Hosted Domain (e.g.
acme.com) to restrict login to that domain - Click Save Access Settings, then Save Settings
Hosted Domain (optional)
If you fill in the Hosted Domain field, only users whose Google account belongs to that Workspace domain can log in. Leave it blank to allow any Google account.
Step 3 — Test the Flow
- Open your status page in a private/incognito browser window
- You should see the gate page with a Sign in with Google button
- Click it and sign in with a Google Workspace account
- After authentication, you should land on your status page
Combining With Other Methods
Google Workspace can be enabled alongside other access methods. A common setup:
- Google Workspace for remote employees
- IP Allowlist for the office network (bypasses login entirely)
See Private Status Pages — Combining Methods.
Troubleshooting
“Sign in with Google” button does not appear
- Confirm Google Workspace authentication is toggled on and settings are saved
- Confirm Private Status Page is enabled
- Check that both Client ID and Client Secret are filled in
“Authentication failed. Please try again.”
- The Client Secret is incorrect or was not saved correctly
- The Redirect URI in Google Cloud Console doesn’t exactly match your status page URL
“Your email domain is not allowed.”
The Hosted Domain field is set and the signed-in account’s domain doesn’t match. Either update the hosted domain in settings or ask the user to sign in with the correct Workspace account.
Redirect URI mismatch error from Google
The redirect URI you entered in Google Cloud Console must exactly match the one used by the platform — including https:// and the path /auth/google/callback. Copy it directly from the status page settings info box.