Page created: 24 Jul 2019
|
Page updated: 8 Feb 2022
| 2 min read
Google Other Documents Integrations Language English Integration Content Type Product documentation Audience Administrator
To allow PingFederate to process sign-on requests using Google, add PingFederate as a sign-on provider in Google.
-
Sign on to the Google Developers Console with a Google account.
Important: For G Suite environments, sign on using the G Suite account that meets the requirements described in Google Login Integration Kit.
- Open an existing project, or create a new project as shown in Create, shut down, and restore projects in the Google documentation.
- If you want to access the "Extended Profile" attributes for G Suite users, enable the Admin SDK API for your project as shown in Enable and disable APIs in the Google documentation.
-
Configure the OAuth consent screen as shown in the User
consent section of Setting up OAuth 2.0 in the Google
documentation.
Note: The consent screen is shown to users whenever the Google IdP Adapter requests access to their Google profile information.
-
Add information about your PingFederate server.
Tip: If you want to create multiple Google IdP Adapter instances, you can create a new OAuth client for each instance.
- On the Credentials tab, from the Create Credentials list, select OAuth client ID.
- On the Create OAuth client ID window, from the Application type list, select Web application.
- In the Name field, enter a name of your choosing.
-
Under Authorized JavaScript Origins, click
Add URI. Enter your PingFederate base URL based on
the following:
https://pf_host:pf_port
-
Under Authorized redirect URIs, click Add
URI. Enter the Google IdP Adapter endpoint based on the
following:
https://pf_host:pf_port/ext/google-authn
-
If you want to retrieve "Extended Profile" attributes for G Suite users,
click Add URI and enter the following URL:
https://oauth.pingone.com/ocs/ppm/rest/v1/oauth/oastempcredresponse/
- Click Create.
- On the OAuth client created modal, note the Client ID and Client Secret. You will use these in Configuring an adapter instance. Click OK.