Configuring OpenID Connect with Google

This guide describes the steps necessary to use Google as an Identity Provider for S-Filer Portal. You need to set up your Google portal, and you must have an administrator account with the necessary permissions to create a new identifier for an OAuth client.

Step 1 - Connect to the Google portal

• Log in to the Google portal using your browser and your login credentials
• Select the existing project in which you want to configure OpenID Connect, or create a new one

Step 2 - Create a new API credential

• Open the drop-down menu at the top left of the page
• Select the APIs and Services menu
• Select the Credentials option

• Once in the credentials screen, use the CREATE CREDENTIALS button in the top bar
• Select the OAuth client ID option

• On the OAuth client ID creation page, choose Web application from the drop-down menu for Application type
• Enter a name that will allow you to recognize that this is for S-Filer Portal
  • Ex: S-Filer Prod Environment
• In the Authorized redirect URIs section, click on the Add URI button
• Enter the domain name of S-Filer Portal followed by /sfiler/LoginOpenIdConnectCallback.action
  • Ex: https://_[YOUR.DOMAIN-SFILER.COM]_/sfiler/LoginOpenIdConnectCallback.action
  • This URL comes from the environment on which S-Filer Portal is running. It should be a public URL that is accessible to users who want to use the OpenID Connect functionality.
• Once you have completed all the fields, click on the CREATE button

• On the OAuth client ID confirmation page, copy and save the values of the Client ID and Client secret fields
  • They are the Client identifier and Client secret fields in step 3 of the S-Filer Portal configuration

Step 3 - Customize the user consent screen

• During the OpenID Connect authentication process, the S-Filer Portal user will be redirected to a Google authentication page
  • This page must be customized
• Click on OAuth consent screen
  • If this is the first time you go in this menu, you'll need to select the type of user who can use your application (internal or external) and click on the CREATE button
• You can now customize the authentication page, including the application name and logo, and an e-mail address if a user needs support

Step 4 - Metadata URL retrieval

• For the Google provider, the metadata URL is always the same: https://accounts.google.com/.well-known/openid-configuration
• Copy and save this value
  • This is the Metadata URL in step 3 of the S-Filer Portal configuration

Next steps

• Configure S-Filer Portal with these information S-Filer Portal OpenID Connect Configuration