How To Set Up Your Own Google App (OpenID Connect)

Step 1

Log in to the Google Cloud Console:

https://console.cloud.google.com/


Step 2

In the left pane, click on APIs & Services, then OAuth consent screen.


Step 3

  • For Application type, choose Internal.
  • For Application name, enter your organization’s name.
  • For Support email, enter your email address.

Note: For the Google Enterprise Provider, please ensure that the application type is Internal. This restricts login to your domain only, whereas “Public” will allow any Google user to log in.

Step 3

Step 4

  • For Scope, add email, profile, and openid.
  • For Authorized domains, add:

    logonlabs.com

  • Enter the remaining fields for your organization as needed (please note that these can be changed later).
  • Click Save.
Step 4

Step 5

In the left pane, click on Credentials.


Step 6

Click Create credentials, and then select OAuth client ID.

Step 6

Step 7

  • For Application type, select Web application.
  • For Name, enter your app name. We recommend entering your organization name.
  • For Authorized JavaScript origins, enter:

    https://api.logonlabs.com

  • For Authorized redirect URIs, enter:

    https://api.logonlabs.com/callback

  • Click Create.
Step 7

Step 8

In the dialog that appears, take note of the Client ID and Client Secret.


Step 9

LogonLabs Setup:

  1. Go to logonlabs.com
  2. Click Sign In and authenticate (or Sign Up make a new account and authenticate).
  3. Navigate to Default Rules (or Domain Rules and open/create a domain module).
  4. Click on the Google button under Enterprise Identity Providers.
  5. Click Add.
  6. Choose OpenID Connect for the protocol.
  7. Enter a name.
  8. Enter a description (optional).
  9. In the Login URL field, enter:

    https://accounts.google.com/o/oauth2/v2/auth

  10. In the Token URL field, enter:

    https://oauth2.googleapis.com/token

  11. Enter the Client ID from the Google OAuth setup steps above.
  12. Enter the Client Secret from the Google OAuth setup steps above.
  13. Click Add
  14. Enable Google by clicking the new entry in the Google Identity Providers list.
Step 9