Google

Get a refresh token

To allow the Google IdP Adapter to retrieve "Extended Profile" attributes for G Suite users, use your application credentials to get an OAuth 2.0 refresh token.

About this task

These steps are not required if you only want the email address or "Basic Profile" attributes for your users. For a list of attributes available under each profile type, see Available user attributes reference.

Steps

  1. Go to the Ping Identity OAuth Configuration Service.

  2. Select Google Apps Connector from the drop-down menu.

    The Ping Identity OAuth Configuration Service
  3. In the Client ID field, enter the value that you noted in Registering PingFederate in Google.

  4. In the Client Secret field, enter the value that you noted in Registering PingFederate in Google.

  5. Click Connect.

  6. Sign on using the G Suite developer account that meets the requirements described in Google Login Integration Kit.

    If you have already signed on, Google might not prompt you to sign on again.

  7. Grant access to the requested permissions by clicking Allow.

  8. On the Service Response modal, note the Refresh Token. You will use this in Configuring an adapter instance.

    An example response shown by the OAuth Configuration Service