Single Sign-On (SSO) Authentication with Google

In this article, you'll learn how to set up Single Sign-On (SSO) authentication with Custom Google Domain. The SSO can be implemented for both Web and Admin Portals.

Keep in mind that when you activate an SSO authentication, the following OfficeRnD Hybrid authentication services are disabled:
  • The standard login with an OfficeRnD Hybrid user and password
  • The "Reset password" links in OfficeRnD Hybrid
  • The token for authentication that employees receive when invited to the Members Portal. 

Enable SSO with Google

  1. Navigate to https://console.developers.google.com/?pli=1

  2. Click Create Project
    AddSSOGoogleProject.gif

  3. Navigate to the OAuth consent screen and choose how you want to configure and register your app, including your target users.
  4. Start by choosing the User Type as External or Internal and click Create.
  5. Set the Application Name to OfficeRnD Hybrid and complete the configuration.

  6. Navigate to Credentials and click Create credentials

  7. Choose OAuth client ID and select Application Type: Web application

  8.  Set a Name.

  9. Open your OfficeRnD Hybrid account in a separate browser tab.
  10. Navigate to Settings/Integrations.
  11. Expand Authentication and next to SSO Authentication click Activate.
  12. Click Configure and copy the Return URL
  13. Go back to the Google Cloud Platform
  14. Find the Authorized redirect URIs section and click Add URI. Paste the Return URL you copied in step 12. 

  15. Click Create. 

  16. A confirmation window pops up with the Client ID and Client Secret. 

    • Copy the Client ID and navigate to the OfficeRnD Hybrid SSO configuration window. Paste the value in the Client ID field. 
    • Copy the Client Secret and navigate to the OfficeRnD Hybrid SSO configuration window. Paste the value in the Client Secret field. 
      AddGoogleSSODetails.gif
  17. Next, we need to set the Discovery URL on the OfficeRnD Hybrid side, in the SSO Authentication configuration. You can follow this article to get the Discovery URL or you can enter it manually:  https://accounts.google.com/.well-known/openid-configuration

  18. Enable Automatic Account Activation - With this setting enabled, employees that already exist in OfficeRnD Hybrid will be allowed to log into the Portals without needing to be explicitly invited. If this setting is disabled - employees without prior access to the Portals will need to have it Enabled by an administrator.
  19. Click Update.

Admin Portal SSO

After you have configured the Web Portal SSO, you can add your Admin Portal SSO as well.

  1. Click Configure on the SSO integration in OfficeRnD.
  2. Click Activate Admin Portal SSO.
  3. Copy the Return URL.
  4. Open your newly created project in Google.
  5. Switch to the Credentials section.
  6. Open the OAuth 2.0 Client IDs section by clicking on your project's name.
  7. Under the Authorized Redirect URIs click Add URI.
  8. Paste the copied Return URL.
  9. Save your changes in both platforms.

gsso.gif

Was this article helpful?
0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.