Google as IdP with OCI Identity Domain
Google as IdP in Identity Domain in OCI
Creating Google OAuth2 client ID, Integrated Application


Get the Domain URL

https://<Domain URL>:443/oauth2/v1/social/callback
Add this URL as an “Authorized redirect URI”
Make the app external

Get the “Client-ID” and “client-secret” from here
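
The redirect URI registered in Google has to match the one the identity domain sends, so a check like the following can catch a missing `:443` or a trailing slash before the first login attempt. This is an added example, not part of the original notes; the host name and registered URIs are constructed sample values, and exact string comparison on the Google side is an assumption.

```python
from urllib.parse import urlsplit

CALLBACK_PATH = "/oauth2/v1/social/callback"  # path from the step above

def social_callback_uri(domain_url: str) -> str:
    """Build the redirect URI from the Domain URL copied from the OCI console."""
    raw = domain_url.strip()
    raw = raw if "://" in raw else "https://" + raw  # value pasted without scheme
    p = urlsplit(raw)
    if p.scheme != "https" or not p.hostname:
        raise ValueError("Domain URL must be an https URL with a host")
    if p.port not in (None, 443):
        raise ValueError(f"unexpected port {p.port}, the callback uses 443")
    if p.path not in ("", "/") or p.query or p.fragment or p.username:
        raise ValueError("expected the bare Domain URL, nothing after the host")
    return f"https://{p.hostname}:443{CALLBACK_PATH}"

def diagnose(domain_url: str, registered: list[str]) -> list[tuple[str, str]]:
    """Compare each URI registered in Google with the expected callback."""
    expected = social_callback_uri(domain_url)
    want = urlsplit(expected)
    findings = []
    for uri in registered:
        got = urlsplit(uri)
        if uri == expected:
            reason = "ok"
        elif got.scheme != "https":
            reason = "scheme is not https"
        elif got.hostname != want.hostname:
            reason = "different host"
        elif got.port != 443:
            reason = "port is not an explicit :443"
        elif got.path != CALLBACK_PATH:
            reason = "path differs"
        else:
            reason = "extra query, fragment, case or whitespace"
        findings.append((uri, reason))
    return findings

# Constructed sample values (assumptions, not from the original page).
DOMAIN_URL = "https://idcs-placeholder.identity.example.com:443"
REGISTERED = [
    "https://idcs-placeholder.identity.example.com/oauth2/v1/social/callback",
    "https://idcs-placeholder.identity.example.com:443/oauth2/v1/social/callback/",
    "https://idcs-placeholder.identity.example.com:443/oauth2/v1/social/callback",
]

if __name__ == "__main__":
    for uri, reason in diagnose(DOMAIN_URL, REGISTERED):
        print(f"{reason:30} {uri}")
```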
Create new Social IdP in OCI Domain
Identity → Security → Identity Provider → Add Social IdP

Activate the added IdP
Enable new Google IdP for login
Members are added to the “invoicing-app-test” group automatically after registration
OCR of Images
2023-11-29_12-32-23_screenshot.png

[Screenshot: Google Cloud console, APIs & Services → Credentials, with the “Create credentials” menu open (API key, OAuth client ID, Service account, Help me choose) and an existing OAuth 2.0 client of type “Web application”.]
2023-11-29_12-33-16_screenshot.png

[Screenshot: Google Cloud console, “Create OAuth client ID” form with the Application type list open (Web application, Android, Chrome Extension, iOS, TVs and Limited Input devices, Desktop app, Universal Windows Platform (UWP)).]
2023-11-29_12-39-25_screenshot.png

[Screenshot: OCI console, Identity → Domains → projectx domain overview. The “Domain information” panel lists the domain type (External User) and the Domain URL with Show and Copy links.]
2023-11-29_12-40-56_screenshot.png

[Screenshot: Google OAuth client form with Name “invoicing-app-test” and a URI entered under “Authorized redirect URIs”; a note says settings may take 5 minutes to a few hours to take effect.]
2023-11-29_13-04-18_screenshot.png

[Screenshot: Google Cloud console, OAuth consent screen for “invoicing-app-test” with User type “Internal” and the “Make external” button; the “Make external?” dialog asks for the publishing status, “Testing” or “In production”.]
2023-11-29_12-42-58_screenshot.png

[Screenshot: OCI console, Identity → Domains → projectx domain → Security → Identity providers, “Add social identity provider” wizard: type selection (Twitter, OpenID Connect, Facebook, Google, LinkedIn, Microsoft), then Name, Client ID, Client secret and the “Enable account linking” option.]
2023-11-29_12-49-37_screenshot.png

[Screenshot: OCI console, “Edit identity provider rule” for “Default IDP Rule”: assigned identity providers “Username-Password” and “invoicing-app-test-idp”, group membership “invoicing-app-test”, and a “Filter by client IP address” setting (Anywhere, or restrict to network perimeters).]