Configuring Google Identity Authentication
Configure Google as your IDP
To configure Google Identity/Google Workspace (GSuite) authentication for Wayfinder, you must add an OAuth 2.0 Client ID using the Google Cloud Platform console. You then use the values from this Client ID to configure Wayfinder.
1 - Add an OAuth client ID in Google
To add an OAuth client ID:
-
Log in to the Google Cloud Platform console and open the APIs & Services section.
-
Select Credentials, and then Create Credentials > OAuth client ID.
-
Name it appropriately, for example,
wf
. -
Add your Wayfinder API URL as an authorized redirect URI, for example:
https://api.wf.yourorg.io/oauth/callback
-
Create the credential.
Note the Client ID and Client Secret.
-
Go to the OAuth consent screen section, give your app a name (this will be shown to users when they log in), and set the User type to Internal. This ensures that only users in your organization will be able to log in using this method.
-
Use the noted client ID, and client secret to configure Wayfinder, as shown below.
2 - Configure Wayfinder
Once you've created the client ID as shown above, use the values you noted to configure Wayfinder.
To complete the Google IDP configuration in Wayfinder:
In Wayfinder's web interface:
- Select Admin, navigate to Access > SSO, and then click Connect for your chosen IDP provider.
- Click Configure, and then provide the required information.
- Click Validate and test.
- When the validation is complete, click Connect.
If you change your IDP configuration to a different provider, any user who is not associated with the same email address in the new provider will lose access to their Wayfinder account.