I would like to enable signing in with google workspace accounts (institutional accounts). The only topic that discuss this is this topic:
I would like to use own ldap auth and also give users to auth via google account. Can you give me hint how to configure it? Thank you very much
and I couldn’t figure out how to make the settings for Google Oauth. Is there a sample settings/steps that can be followed easily to achieve this?
Google uses OpenID-Connect (OIDC) nowadays: OpenID Connect | Google Identity | Google Developers
This should be pretty straightfoward to use with the authlib
auth/identity provider type:
AUTH_PROVIDERS = {
'google': {
'type': 'authlib',
'title': 'Google',
'authlib_args': {
'client_id': 'xxx',
'client_secret': 'xxx',
'server_metadata_url': 'https://accounts.google.com/.well-known/openid-configuration',
'client_kwargs': {'scope': 'openid profile email'}
},
'callback_uri': '/authlib/google',
'use_id_token': True,
},
}
IDENTITY_PROVIDERS = {
'google': {
'type': 'authlib',
'title': 'Google',
'mapping': {
'first_name': 'given_name',
'last_name': 'family_name',
}
},
}
1 Like
@ThiefMaster Thank you very much. It’s working now. It took some time to find out that I also need to pip install authlib
, thanks to you as well in this post:
Ah yes of course, authlib is not a direct dependency of Indico so I forgot to mention that you need to pip install authlib