Skip to content

Configuring a Google identity provider#

To enable login with Google you first have to create a project and a client in the Google Developer Console.

  1. Log in to the Google Developer Console:

    Developer console

  2. Click the Create Project button. Use any value for Project name and Project ID you want, then click the Create button. Wait for the project to be created - this may take a while. Once created you will be brought to the project's dashboard:

    Project Dashboard

  3. Google requires some basic information about the product before creating any secrets for it. For a new project, you have first to configure OAuth consent screen. Fill in OAuth consent screen details. Keep the Application type Internal. Add the email, profile and openid in the allowed Scopes. Under Authorized domains add kubeapp.cloud along with any hosted domains which you want to allow. For example, if Authorized domain is xyz.com then bob@xyz.com will be allowed:

    Google OAuth consent screen

  4. Then navigate to the APIs & Services section in the Google Developer Console. On that screen, navigate to Credentials administration. Select OAuth client ID under the Create credentials button.

  5. You will then be brought to the Create OAuth client ID page. Select Web application as the application type. Specify the name you want for your client. Enter the Authorized redirect URIs that Stakater Support provides, then click the Create button:

    Google OAuth screen

  6. After you click Create you will be brought to the Credentials page. Click on your new OAuth 2.0 Client ID to view the settings of your new Google Client. You will need to provide the Client ID and Client secret to Stakater, send these to Stakater Support:

    client-id-scret

Items provided by Stakater Support#

  • Redirect URIs

Items to be provided to Stakater Support#

  • Client ID
  • Secret
  • Authorized Domain Users of this Google domain will be able to access the cluster