Using Google as an Identity Provider

Created on 2019/11/07
Category: 

This how-to shows you how to let users authenticate to Cells using their Google credentials using the OIDC protocol.

Create a Google Application for OIDC

References

Step 1

Visit https://console.cloud.google.com/,

  • Go to APIs & Services

  • Navigate to OAuth consent screen

And set the following fields:

  • Application name: name your application
  • Authorized domains: add your Pydio Cells instance domain
  • Application Homepage link: put your Pydio Cells base url https://my-cells.com
  • Hit Save

Step 2

  • Then go to Credentials

  • Click on Create credentials
  • Select OAuth client ID

  • Application Type : Select Web Application
  • Press Create

Last step, name your app (make sure to remember your ID and Secret) :

  • Authorised JavaScript origins: Add your Pydio Cells url.
  • Authorised redirect URIs: add a redirect url such as https://my-cells.com/auth/dex/callback, add at the end of your Pydio Cells URL /auth/dex/callback (this is the endpoint).

Create a Google Connector in Cells

In your Pydio Cells instance go to Cells Console > Authentication > OAUTH2/OIDC > + Connector.

  • Select OpenID Connect
  • give it a label (name)

Then set the following parameters:

  • Canonical URL of the Provider: https://accounts.google.com
  • Client ID: your previously fetched client ID
  • Client Secret: your previously fetched client Secret
  • Redirection URI: the same URI that you have set during the google app creation.