Description of Issue
Federating using Google Identity/Cloud through Admin Center
Context
Federation
Google
Tyler Identity Workforce
Admin Center
Organization Admin
Okta
Identity Provider
Cause
Needing to Federate using Google
Resolution
Federation
- Go to the Google APIs console and click on Credentials under APIs & Services
- Click CREATE PROJECT
- Project Name: TIDW
- Location: Browse and select your organization
- Click Configure Consent Screen
- For the User Type, click Internal. NOTE: You must be a Workspace User to select it! This limits this app to users within your organization. If you plan to have users from OUTSIDE your organization, select External
- App Name: TIDW
- User support email: Select the email from the drop down
- Developer contact information = Scroll down to the bottom and fill in email addresses for Developer
- For the User Type, click Internal. NOTE: You must be a Workspace User to select it! This limits this app to users within your organization. If you plan to have users from OUTSIDE your organization, select External
- Click SAVE AND CONTINUE
- Click SAVE AND CONTINUE to the Scopes screen
- On the Credentials page, with your TIDW project selected, click CREATE CREDENTIALS
- Select OAuth client ID from the drop-down
- For the Application type select Web application from the drop-down
- Name: TIDW
- Under Authorized Java Script origins, click + ADD URI
- URI: https://tyler-<customerIdentifier>.okta.com
- Under Authorized redirect URIs, click + ADD URI
URIs 1: https:// tyler-<customerIdentifier>.okta.com/oauth2/v1/authorize
URIs 2: https:// tyler-<customerIdentifier>.okta.com/oauth2/v1/authorize/callback
- Click CREATE when finished
- The Client ID and Client secret will appear in OAuth client created. Copy and save them
Admin Center
- Log into Admin Center as an Org Admin How to gain Org Admin access to Admin Center
- Navigate to Settings > Domains to add the desired authentication domains
- Navigate to Identity workforce > Identity providers > Add a new provider > Google
- Input Google information
- Name - e.g. Tylertown, ME
- Client ID - varies in length and characters followed by .apps.googleusercontent.com
- Client Secret - can vary in length and characters
- Secrets Expiration - MM/DD/YYYY
- Email Domains - Authenticating domains for Google
- Select Save
Additional Information
Add Comment