mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-25 12:39:50 +02:00
google idp doc updates
This commit is contained in:
parent
e8b0bcead6
commit
a29738da28
3 changed files with 9 additions and 0 deletions
BIN
docs/docs/google/google-consent-banner.png
Normal file
BIN
docs/docs/google/google-consent-banner.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 61 KiB |
BIN
docs/docs/google/google-oauth-consent.png
Normal file
BIN
docs/docs/google/google-oauth-consent.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 191 KiB |
|
@ -168,6 +168,14 @@ On the **Credentials** page, click **Create credentials** and choose **OAuth [Cl
|
|||
|
||||

|
||||
|
||||
If you don't currently have an OAuth consent page configured, google will not allow you to create credentials until this is completed, and you will likely see **this** banner on the page.
|
||||
|
||||

|
||||
|
||||
Click the button on the banner to go to the consent screen configuration. If all you are configuring is pomerium, you only need to fill in "Application Name" with your desired moniker, and "Authorized Domains" with the domain that pomerium will be calling google from. Afterwards, return to the credential creation page.
|
||||
|
||||

|
||||
|
||||
On the **Create [Client ID]** page, select **Web application**. In the new fields that display, set the following parameters:
|
||||
|
||||
Field | Description
|
||||
|
@ -217,6 +225,7 @@ Next we'll delegate G-suite group membership access to the service account we ju
|
|||
3. Select **Advanced settings** from the list of options.
|
||||
4. Select **Manage API client** access in the Authentication section.
|
||||
5. In the **Client name** field enter the service account's **Client ID**.
|
||||
* (Be sure this is the client id of the service account, and not the oauth client id)
|
||||
6. In the **One or More API Scopes** field enter the following list of scopes: `https://www.googleapis.com/auth/admin.directory.group.readonly` `https://www.googleapis.com/auth/admin.directory.user.readonly`
|
||||
7. Click the **Authorize** button.
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue