Setup Guide for Google App

Step 1: Setup Google app as OAuth Provider

  • Login to Google Console: Visit the Google's Developer Console and login to your account.
  • Click Select a project, then NEW PROJECT, and enter a name for the project, and optionally, edit the provided project ID. Then click on Create button.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Setup Google app OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login NEW PROJECT
  • Select your project, click on APIs & Services and select OAuth consent screen option.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login OAuth Consent Screen
  • On the Consent screen page, select the User Type and click on Create. In the next screen, provide Application name and save the changes.
  • Now go to Credentials, click on Create Credentials and select OAuth Client ID.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Create credentials
  • Select Web Application as application type.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Application type
  • Click on the Add URI button in Authorized redirect URIs section. Collect the callback URL provided in the miniOrange plugin and enter it here. Click on Create.
    The callback URL would be {oauth_client_base_url}/plugins/servlet/oauth/callback
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Redirect URI
  • Get Client ID and Client Secret: Copy the client ID and client secret to your clipboard, as you will need them when you configure miniOrange plugin.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Get Client ID
  • To send user's group to the client application, you need to enable Admin SDK and API access. For Admin SDK, navigate to the Dashboard and click on ENABLE APIS AND SERVICES.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Enable APIS and Services
  • Now search for Admin SDK, select it from the list and then click on ENABLE button.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Admin SDK
  • To enable API Access you need to login into Google Admin console. In Google Admin Console, go to Security ->Settings.
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login Security ->Settings
  • Look for API Permissions -> Enable API access
  • OAuth/OpenID/OIDC Single Sign On (SSO), Google Apps SSO Login API reference