Bitbucket OAuth/OpenID app gives the ability to enable OAuth/OpenID Single Sign-On for Bitbucket. Bitbucket is compatible with all OAuth/OpenID Providers. Here we will go through a guide to configure SSO between Bitbucket and Google Apps. By the end of this guide, Google Apps users should be able to log in and register to Bitbucket.
To configure Google Apps integration with Bitbucket OAuth / OpenID Connect SSO, you need the following items:
- Bitbucket should be installed and configured(supported version Bitbucket Server 5.5.0 - 6.10.1, Bitbucket Data Center 5.5.0 - 6.10.1)
- Admin credentials are set up in Bitbucket.
- Valid Bitbucket Server and Data center Licence.
Download And Installation
- Log into your Bitbucket instance as an admin.
- Navigate to the settings menu and Click Manage Apps.
- Click Find new apps or Find new add-ons from the left-hand side of the page.
- Locate Bitbucket OAuth / OpenID Connect Single Sign On (SSO), Bitbucket SSO via search.
- Click Try free to begin a new trial or Buy now to purchase a license for Bitbucket OAuth / OpenID Connect Single Sign On (SSO), Bitbucket SSO.
- Enter your information and click Generate license when redirected to MyAtlassian.
- Click Apply license.
Step 1: Setup Google app as OAuth Provider
- Login to Google Console :Visit the Google website for Developer Console.
- Click Select a project, then NEW PROJECT, and enter a name for the project, and optionally, edit the provided project ID. Click Create. (If project is not created)
- Create Google application : Select your project. On the Credentials page, select Create credentials, then OAuth client ID.
- You may be prompted to set a product name on the Consent screen; if so, click Configure consent screen, supply the requested information, and click Save to return to the Credentials screen.
- Select Web Application. Enter Authorized redirect URLs as callback URL given in the plugin. Click Create.
- Get Client ID and Client Secret: Copy the client ID and client secret to your clipboard, as you will need them when you configure miniOrange plugin.
- To send user's group to the client application, you need to enable Admin SDK and API access. Navigate to Dashboard and click on ENABLE APIS AND SERVICES.
- Search for Admin SDK and ENABLE it.
- Login to Google Admin console. Go to Security ->Settings.
- Look for API Permissions -> Enable API access