How To Set Up Your Own Google App (OpenID Connect) - Authentication API - A universal API for Single Sign On

Step 1

Log in to the Google Cloud Console:

https://console.cloud.google.com/

Step 2

In the left pane, click on APIs & Services, then OAuth consent screen.

Step 3

For Application type, choose Internal.
For Application name, enter your organization’s name.
For Support email, enter your email address.

Note: For the Google Enterprise Provider, please ensure that the application type is Internal. This restricts login to your domain only, whereas “Public” will allow any Google user to log in.

Step 4

For Scope, add email, profile, and openid.
For Authorized domains, add:
logonlabs.com
Enter the remaining fields for your organization as needed (please note that these can be changed later).
Click Save.

Step 5

In the left pane, click on Credentials.

Step 6

Click Create credentials, and then select OAuth client ID.

Step 7

For Application type, select Web application.
For Name, enter your app name. We recommend entering your organization name.
For Authorized JavaScript origins, enter:
https://api.logonlabs.com
For Authorized redirect URIs, enter:
https://api.logonlabs.com/callback
Click Create.

Step 8

In the dialog that appears, take note of the Client ID and Client Secret.

Step 9

LogonLabs Setup:

Go to logonlabs.com
Click Sign In and authenticate (or Sign Up make a new account and authenticate).
Navigate to Default Rules (or Domain Rules and open/create a domain module).
Click on the Google button under Enterprise Identity Providers.
Click Add.
Choose OpenID Connect for the protocol.
Enter a name.
Enter a description (optional).
In the Login URL field, enter:
https://accounts.google.com/o/oauth2/v2/auth
In the Token URL field, enter:
https://oauth2.googleapis.com/token
Enter the Client ID from the Google OAuth setup steps above.
Enter the Client Secret from the Google OAuth setup steps above.
Click Add
Enable Google by clicking the new entry in the Google Identity Providers list.