Google can be used as a federated authenticator in the Identity Server. Do the following to configure the Identity Server to authenticate users using their Google user accounts.

  1. Configuring Federated Authentication (excerpt included from that page)
  2. Register an OAuth 2.0 application in Google. As the first step, go to the Google API Console and navigate to the Credentials tab from the sidebar. You can configure an OAuth web application in Google by selecting OAuth Client ID. You can find more details here.
    Select the web application type and provide a name for the application (e.g., SampleWebApplication). Enter the Authorized redirect URI as https://localhost:9443/commonauth (this is the endpoint in WSO2 Identity Server that accepts the response sent by Google).

  3. Expand the Google Configuration form and configure the Google authenticator as shown below. Make sure to enter your Redirect URI as the Callback URL, along with the Client ID and Secret generated for the Google application above. You can find the client ID and secret by editing the OAuth client.
    Google configurations:
    WSO2 Identity Server configurations:
  4. Fill in the following fields where relevant.

    | Field | Description | Sample value |
    |---|---|---|
    | Enable | Selecting this option enables Google to be used as an authenticator for users provisioned to the Identity Server. | Selected |
    | Default | Selecting the Default check box signifies that Google is the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators. | Selected |
    | Client Id | This is the username from the Google application you created from the Google developer console. | 1421263438188909 |
    | Client Secret | This is the password from the Google application you created from the Google developer console. Click the Show button to view the value you enter. | 12ffb4dfb2fed67a00846b42126991f8 |
    | Callback Url | This is the URL to which the browser should be redirected after the authentication is successful. It should have this format: https://(host-name):(port)/commonauth. Here the ACS URL (Assertion Consumer URL) is the endpoint in WSO2 Identity Server which accepts the response sent by Google. | https://localhost:9443/commonauth |
    | Additional Query Parameters | This is necessary if you are connecting to another Identity Server or application. Sometimes extra parameters are required by this IS or application, so these can be specified here. | scope=openid email profile |
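
The following is an added example, not part of the original page and not WSO2 code: a pre-flight check of the field values above, plus the authorization request they would produce. It assumes the fields map onto a standard OAuth 2.0 authorization code request to Google's authorization endpoint; the function names and the `state` value are hypothetical.

```python
from urllib.parse import urlsplit, parse_qsl, urlencode

# Google's OAuth 2.0 authorization endpoint.
GOOGLE_AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
# Parameters the authenticator sets itself; extra parameters must not override them.
RESERVED = {"client_id", "redirect_uri", "response_type", "state"}


def check_google_config(client_id, callback_url, registered_redirect_uris,
                        additional_query_params):
    """Return a list of problems found in the authenticator settings."""
    problems = []
    url = urlsplit(callback_url)
    if url.scheme != "https":
        problems.append("Callback Url must use https")
    if url.path != "/commonauth":
        problems.append("Callback Url path must be /commonauth")
    if url.query or url.fragment:
        problems.append("Callback Url must not carry a query or fragment")
    # Google compares redirect URIs as exact strings (scheme, port, trailing slash).
    if callback_url not in registered_redirect_uris:
        problems.append("Callback Url is not an Authorized redirect URI in Google")
    if not client_id.strip():
        problems.append("Client Id is empty")
    extra = dict(parse_qsl(additional_query_params, keep_blank_values=True))
    clash = RESERVED.intersection(extra)
    if clash:
        problems.append("Additional Query Parameters override: " + ", ".join(sorted(clash)))
    # OpenID Connect sign-in needs the openid scope.
    if "openid" not in extra.get("scope", "").split():
        problems.append("scope must include openid")
    return problems


def build_authorization_url(client_id, callback_url, additional_query_params, state):
    """Assemble the authorization request these settings would produce (assumed mapping)."""
    params = {"response_type": "code", "client_id": client_id,
              "redirect_uri": callback_url, "state": state}
    params.update(parse_qsl(additional_query_params))
    return GOOGLE_AUTH_ENDPOINT + "?" + urlencode(params)


if __name__ == "__main__":
    # Sample values from the table on this page; state is a constructed value.
    cfg = ("1421263438188909", "https://localhost:9443/commonauth",
           "scope=openid email profile")
    print(check_google_config(cfg[0], cfg[1], [cfg[1]], cfg[2]) or "OK")
    print(build_authorization_url(*cfg, state="constructed-state-value"))
```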

...