{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"required","results":{"codes":[]},"settings":"","params":[],"examples":{"codes":[]}},"next":{"description":"","pages":[]},"title":"Google SSO","type":"basic","slug":"google-sso","excerpt":"","body":"[block:api-header]\n{\n  \"title\": \"Overview\"\n}\n[/block]\nSingle sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session.\n[block:api-header]\n{\n  \"title\": \"Prerequisite\"\n}\n[/block]\nBelow is the list of parameters that are required to be configured in order for the tenant to integrate Google Sign In.\n[block:parameters]\n{\n  \"data\": {\n    \"h-0\": \"Name\",\n    \"h-1\": \"Sample Value\",\n    \"0-0\": \"Client ID\",\n    \"1-0\": \"Client Secret\",\n    \"1-1\": \"7c4BEITQFtFZVtqhLnUN5wgN\",\n    \"0-1\": \"906946589628-idr2k5srkrl2uuq0n85uur28nv90nc6q.apps.googleusercontent.com\",\n    \"2-0\": \"Authorized Domains\",\n    \"2-1\": \"gmail.com, gooru.org\",\n    \"h-2\": \"Description\",\n    \"0-2\": \"Client ID of the partners Google console account\",\n    \"1-2\": \"Client Secret of the partners Google console account\",\n    \"2-2\": \"List of domains that need to be authorized for this integration. Email addresses outside of these domains will not be able to access.\"\n  },\n  \"cols\": 3,\n  \"rows\": 3\n}\n[/block]\nGooru will configure SSO access and share client id and secret.\n[block:api-header]\n{\n  \"title\": \"Google Auth\"\n}\n[/block]\nIn order to use Google SSO, client application should initiate SSO request by calling GET endpoint as like (this is sample endpoint, it may change):\n\nhttps://gooru.org/api/nucleus-auth-idp/v2/google/login\n\n\nGooru will then redirect the to the issuer / login URL based on the client id passed in the request. If a user is not already logged in at clients application, the login page will be displayed. \n\nBased on the claims received, the user details are verified in Gooru and the user is authenticated. Upon successful authentication, they will be redirected to Gooru homepage.","updates":[],"order":999,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"5f4d127723751c013845c388","createdAt":"2020-08-31T15:08:39.101Z","user":"5dc3f7bf4ce31a00f0795e4b","category":{"sync":{"isSync":false,"url":""},"pages":[],"title":"Single Sign-On","slug":"single-sign-on","order":23,"from_sync":false,"reference":false,"_id":"599bc76bc03fa2000f83db2a","project":"56439dfe9eebf70d00490d54","version":"5864d2df79ce642d00f0fec7","createdAt":"2017-08-22T05:55:55.391Z","__v":0},"version":{"version":"2","version_clean":"2.0.0","codename":"","is_stable":true,"is_beta":true,"is_hidden":false,"is_deprecated":false,"categories":["5864d2df79ce642d00f0fec8","5864d2df79ce642d00f0fec9","5864d2df79ce642d00f0feca","5864d2df79ce642d00f0fecb","5864d2df79ce642d00f0fecc","5864d2df79ce642d00f0fecd","5864d2df79ce642d00f0fece","5864d2df79ce642d00f0fecf","5864d2df79ce642d00f0fed0","5864d2df79ce642d00f0fed1","5864d2df79ce642d00f0fed2","5864d2df79ce642d00f0fed3","5864d2df79ce642d00f0fed4","5864d2df79ce642d00f0fed5","5864d2df79ce642d00f0fed6","5864d2df79ce642d00f0fed7","5864d2df79ce642d00f0fed8","5864d2df79ce642d00f0fed9","5864d2df79ce642d00f0feda","5864d2df79ce642d00f0fedb","5864d2df79ce642d00f0fedc","5864d2df79ce642d00f0fedd","5864d2df79ce642d00f0fede","598aa64f4b6e990019b7a2d2","599bc76bc03fa2000f83db2a","599bcc3c3c5bf7000f3434fc","5d427dc9fa56fa0011135058","5d429c616863d5003af785a7","5d429e0889418f00c5e95d3f","5d42b5f098b05e003acb08b4","5d43c16985775c00ebeede3b","5d43d15446d584003da91e6d","5d43d61a5bdac50011b6f234","5d43d7c2db365100640dbc58","5d43d954bffa8400ff7efa78","5d43e414cf4f03005944344c","5d43eb42db365100640dbe4a","5d43ee6c78121b0057bc1dbf","5d9a18b4afc33400126c4e6f","5dc4f96dbb5da3006c8f5660"],"_id":"5864d2df79ce642d00f0fec7","createdAt":"2016-12-29T09:09:51.074Z","project":"56439dfe9eebf70d00490d54","releaseDate":"2016-12-29T09:09:51.074Z","__v":18},"project":"56439dfe9eebf70d00490d54","__v":0}
[block:api-header] { "title": "Overview" } [/block] Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. [block:api-header] { "title": "Prerequisite" } [/block] Below is the list of parameters that are required to be configured in order for the tenant to integrate Google Sign In. [block:parameters] { "data": { "h-0": "Name", "h-1": "Sample Value", "0-0": "Client ID", "1-0": "Client Secret", "1-1": "7c4BEITQFtFZVtqhLnUN5wgN", "0-1": "906946589628-idr2k5srkrl2uuq0n85uur28nv90nc6q.apps.googleusercontent.com", "2-0": "Authorized Domains", "2-1": "gmail.com, gooru.org", "h-2": "Description", "0-2": "Client ID of the partners Google console account", "1-2": "Client Secret of the partners Google console account", "2-2": "List of domains that need to be authorized for this integration. Email addresses outside of these domains will not be able to access." }, "cols": 3, "rows": 3 } [/block] Gooru will configure SSO access and share client id and secret. [block:api-header] { "title": "Google Auth" } [/block] In order to use Google SSO, client application should initiate SSO request by calling GET endpoint as like (this is sample endpoint, it may change): https://gooru.org/api/nucleus-auth-idp/v2/google/login Gooru will then redirect the to the issuer / login URL based on the client id passed in the request. If a user is not already logged in at clients application, the login page will be displayed. Based on the claims received, the user details are verified in Gooru and the user is authenticated. Upon successful authentication, they will be redirected to Gooru homepage.