Oauth authentication in Apache SuperSet

You have to change the superset_config.py. Look at this example config, it works for me.

import osfrom flask_appbuilder.security.manager import AUTH_OID, AUTH_REMOTE_USER, AUTH_DB, AUTH_LDAP, AUTH_OAUTHbasedir = os.path.abspath(os.path.dirname(__file__))ROW_LIMIT = 5000SUPERSET_WORKERS = 4SECRET_KEY = 'a long and random secret key'SQLALCHEMY_DATABASE_URI = ‘postgresql://username:pass@host:port/dbname’CSRF_ENABLED = TrueAUTH_TYPE = AUTH_OAUTHAUTH_USER_REGISTRATION = TrueAUTH_USER_REGISTRATION_ROLE = "Public"OAUTH_PROVIDERS = [    {       'name': 'google',       'whitelist': ['@company.com'],   'icon': 'fa-google',   'token_key': 'access_token',    'remote_app': {        'base_url': 'https://www.googleapis.com/oauth2/v2/',        'request_token_params': {              'scope': 'email profile'            },        'request_token_url': None,        'access_token_url':                 'https://accounts.google.com/o/oauth2/token',        'authorize_url': 'https://accounts.google.com/o/oauth2/auth',        'consumer_key': 'GOOGLE_AUTH_KEY',        'consumer_secret': 'GOOGLE_AUTH_SECRET'          }       }]

2021 update: The FAB OAuth provider schema seems like it changed a bit since this answer. If you're trying to do this with Superset >= 1.1.0, try this instead:

OAUTH_PROVIDERS = [    {        'name': 'google',        'icon': 'fa-google',        'token_key': 'access_token',        'remote_app': {            'client_id': 'GOOGLE_KEY',            'client_secret': 'GOOGLE_SECRET',            'api_base_url': 'https://www.googleapis.com/oauth2/v2/',            'client_kwargs':{              'scope': 'email profile'            },            'request_token_url': None,            'access_token_url': 'https://accounts.google.com/o/oauth2/token',            'authorize_url': 'https://accounts.google.com/o/oauth2/auth'        }    }]

Of course, sub out GOOGLE_KEY and GOOGLE_SECRET. The rest should be fine. This was cribbed from the FAB security docs for the next time there is drift.