Page created: 24 Jul 2019 |
Page updated: 8 Feb 2022
To allow PingFederate to process sign-on requests using Google, add PingFederate as a sign-on provider in Google.
Sign on to the Google Developers Console with a Google account.
Important: For G Suite environments, sign on using the G Suite account that meets the requirements described in Google Login Integration Kit.
- Open an existing project, or create a new project as shown in Create, shut down, and restore projects in the Google documentation.
- If you want to access the "Extended Profile" attributes for G Suite users, enable the Admin SDK API for your project as shown in Enable and disable APIs in the Google documentation.
Configure the OAuth consent screen as shown in the User
consent section of Setting up OAuth 2.0 in the Google
Note: The consent screen is shown to users whenever the Google IdP Adapter requests access to their Google profile information.
Add information about your PingFederate server.
Tip: If you want to create multiple Google IdP Adapter instances, you can create a new OAuth client for each instance.
- On the Credentials tab, from the Create Credentials list, select OAuth client ID.
- On the Create OAuth client ID window, from the Application type list, select Web application.
- In the Name field, enter a name of your choosing.
Add URI. Enter your PingFederate base URL based on
Under Authorized redirect URIs, click Add
URI. Enter the Google IdP Adapter endpoint based on the
If you want to retrieve "Extended Profile" attributes for G Suite users,
click Add URI and enter the following URL:
- Click Create.
- On the OAuth client created modal, note the Client ID and Client Secret. You will use these in Configuring an adapter instance. Click OK.