OAuth2 Authentication with Google
In this guide, you will learn how to authenticate yourself with Google.
Generate OAuth 2.0 Client IDs
-
In your Project head to API & Services > Credentials
-
Click CREATE CREDENTIALS and select OAuth Client ID
-
Give it name
-
At Authorized JavaScript origins, add your URIs. This is your instance’s complete URL. For example,
https://my-enviroment.neptune-software.cloud -
At Authorized redirect URIs, add the following:
https://my-enviroment.neptune-software.cloud/user/logon/oauth2/oauth2new/callbackThe folder name in the path between oauth2andcallbackwill be the Path you will define in the next section. -
Copy the following:
-
Client ID
-
Client secret
-
Authorized redirect URI
These will be used in the next step.
-
Configure your authentication OAuth2 provider in System Settings
-
Add a new authentication and choose OAuth2
-
Enable Active and Show on login page to have the authentication active and available in the login options
-
Add a meaningful Name,Description and Path. In this example, the path is
oauth2newOnce the path is added, a folder will be created containing all OAuth2 information. -
At Authorization URL paste
https://accounts.google.com/o/oauth2/v2/auth -
At Token URL paste
https://oauth2.googleapis.com/token -
At Callback URL paste the previously copied Authorized redirect URI
-
At Redirect URL paste
https://my-enviroment.neptune-software.cloud/cockpit.html -
Paste the Client ID and Client secret
-
At Scopes add
email. You can always add more or other scopes -
At Profile Script paste the following code:
this._oauth2.get('https://www.googleapis.com/oauth2/v3/userinfo', accessToken, function(err, body, res) { const profile = JSON.parse(body); done(null, profile) }) -
Add your Claims Assignments. For example:
-
Enable Only assign on first login to assign the claims, roles and department only on the first login
-
Assign the default Roles and Departments for the new users
-
Press OK
-
Save and Restart the server to apply the changes