Google OpenID Auth

Last updated 1 year ago

Was this helpful?

Google OpenID Auth

Where possible, all services should be set up to use the Google OAuth client. If the service automatically creates accounts and grants permissions when logging in, the service must be behind a Cloudflare Application with the applied

How to get the Client ID and Client Secret

Log into the (this link should take you to the 'XFGN and AGG auth' project
On the left, click on Credentials
Click on 'A Gamers Grind / XFGN'
Take note of the Client ID and Client Secret on the right

Enabling OpenID Authentication on a Service

Google, google, google.

Google is your best friend in this scenario, but here are the generic Google OAuth details

Add OAuth / OpenID detials to Application

Field

URL

Client ID

Get from the Cloud Console

Client Secret

Get from the Cloud Console

Authorization URL

Access Token URL

Resource URL

Redirect URL

URL of app (refer to apps documentation)

Username

email (refer to apps documentation)

Scope

openid, email, username, profile (refer to apps documentation

These URLs were current as of 11/06/2023

Add application redirect URL to Google OAuth app

Add the applications domain to 'Authorized JavaScript origins'
Add the applications redirect URL to 'Authorized redirect URIs'
Click on Save

Test Authentication

Log out of the app and try logging in with your Google account. If you have issues, refer to the applications documentation.

If signing in with a new Google account automatically creates an account, ensure the app is secured behind a Cloudflare Application to reduce the risk of unwanted access

PreviousBitwarden NextWazuh

Last updated 1 year ago

Was this helpful?