Configure Google as SSO
On Google side, you'll have to follow these steps:
- Step 1: Create an application on the OAuth consent screen tab
The scopes needed are
- Step 2: Restrict the access to your internal workspace by checking the
Internaluser type in the OAuth consent screen.
- Step 3: Create a new
OAuth client ID
You can select the name you want, shown here as
Conduktor Console, and enter the redirect URI as the following:
http(s)://<Console host>:<Console port>/oauth/callback/<OAuth2 config name>.
For example, if you deployed Console locally using the name
http://localhost:8080/oauth/callback/google, like on the screenshot below.
- Step 4: Get the
client IDand the
After the creation, the pop-up below appears. You can save the client ID and secret as JSON if you want.
You can find the .well-known at:
If you need to add an authorized domain to your Google account, you can follow this guide.
On Console side, you can add the snippet below to your configuration file. You have to replace the client ID and secret by what you got during the step 4.
- name: "google"
client-id: "<client ID>"
client-secret: "<client secret>"
Or using environment variables :