This guide shows how to configure Google as your identity provider.
Prerequisites
You are an administrator of your Google Cloud Console
You have enabled the Admin SDK API (required for synchronizing Groups)
Create the OAuth application
Log into the Google Cloud Console.
Select an existing Project or create a new one.
Navigate to the Google Auth Platform via the Menu
bar on the left.
If Google Auth Platform is not yet configured, click Get Started
Enter a name for this application (e.g. Neurox Web App) and select a user support email. Click Next. .
Select your intended Audience. We recommend Internal unless you want users to log in with email domains outside of your Google Workspace. Click Next.
Enter an email address for Google to contact you. Click Next.
Check the box to agree to Google's API Services policies. Click Continue.
Click the Create button to create your application.
Create the OAuth client
Click the Create OAuth Client button.
Under Application type select Web application
•
Enter a Name for your OAuth Client (e.g. Neurox Web App)
Under Authorized JavaScript origins click Add URI
In URIs 1 enter your Control Portal URL (e.g.
random-words.goneurox.com
)Under Authorized redirect URIs click Add URI
Enter the following URIs (click Add URI to add more):
https://random-words.goneurox.com/api/connect/google/callback
https://random-words.goneurox.com/idp/callback
https://random-words.goneurox.com/sso/auth
Be sure to replacerandom-words.goneurox.com
with your actual subdomain.
Click the Create button
Copy & Apply your OAuth credentials
Click the Download icon under Actions
In the pop up modal, copy both the Client ID and Client Secret values
Run the following commands:
kubectl create secret generic -n neurox neurox-control-idp-google --from-literal=clientId=<Client ID> --from-literal=clientSecret=<Client Secret>
Last updated