Federating using Google through Admin Center

Description of Issue

Connect Google Identity/Cloud through Admin Center

Context
  • Federation

  • Google

  • Tyler Identity Workforce

  • Admin Center

  • Organization Admin

  • Okta

  • Identity Provider

Cause

Needing to connect Google to Okta

Resolution

Federation

  1. Go to the Google APIs console and click on Credentials under APIs & Services
  2. Click CREATE PROJECT
    1. Project Name: TIDW
    2. Location: Browse and select your organization
  3. Click Configure Consent Screen
    1. For the User Type, click Internal. NOTE: You must be a Workspace User to select it! This limits this app to users within your organization. If you plan to have users from OUTSIDE your organization, select External.
      1. App Name: TIDW
      2. User support email: Select the email from the drop-down
      3. Developer contact information: Scroll down to the bottom and fill in email addresses for Developer
  4. Click SAVE AND CONTINUE
  5. Click SAVE AND CONTINUE to the Scopes screen
  6. On the Credentials page, with your TIDW project selected, click CREATE CREDENTIALS
  7. Select OAuth client ID from the drop-down
  8. For the Application type select Web application from the drop-down
    1. Name: TIDW
    2. Under Authorized JavaScript origins, click + ADD URI
      1. URI: https://tyler-<customerIdentifier>.okta.com
    3. Under Authorized redirect URIs, click + ADD URI
      1. URIs 1: https://tyler-<customerIdentifier>.okta.com/oauth2/v1/authorize
      2. URIs 2: https://tyler-<customerIdentifier>.okta.com/oauth2/v1/authorize/callback
      3. Click CREATE when finished
  9. The Client ID and Client secret will appear in the "OAuth client created" dialog. Copy and save them.

Admin Center

  1. Log into Admin Center as an Org Admin (see: How to gain Org Admin access to Admin Center)
  2. Navigate to Identity Workforce > Identity providers > Add a new provider > Google to add the desired authentication domains
  3. Input Google information
    1. Name - e.g. Tylertown, ME
    2. Client ID - varies in length and characters followed by .apps.googleusercontent.com
    3. Client Secret - can vary in length and characters 
    4. Secrets Expiration - MM/DD/YYYY
    5. Email Domains - Authenticating domains for Google
  4. Select Save
Additional Information
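
A pre-flight check for the values entered in the steps above, given as an added example that is not part of the original article or any Tyler, Okta or Google tooling. The function names, the DNS-name pattern for email domains and the rule that the Secrets Expiration date must not already have passed are assumptions made here.

```python
import re
from datetime import date, datetime
from urllib.parse import urlsplit

# Redirect paths and Client ID suffix as given in the steps above.
REDIRECT_PATHS = ("/oauth2/v1/authorize", "/oauth2/v1/authorize/callback")
CLIENT_ID_SUFFIX = ".apps.googleusercontent.com"
# Assumption: email domains are plain DNS names such as "example.gov".
DOMAIN_RE = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")


def expected_uris(customer_identifier):
    """Build the JavaScript origin and redirect URIs the article registers."""
    origin = f"https://tyler-{customer_identifier}.okta.com"
    return origin, [origin + path for path in REDIRECT_PATHS]


def check_federation_values(customer_identifier, origin, redirect_uris,
                            client_id, secret_expiration, email_domains,
                            today=None):
    """Return a list of problems; an empty list means nothing was flagged."""
    problems = []
    want_origin, want_redirects = expected_uris(customer_identifier)
    # A pasted URI with a stray space or an http scheme will not match at sign-in.
    for uri in [origin, *redirect_uris]:
        if re.search(r"\s", uri):
            problems.append(f"whitespace in URI: {uri!r}")
        elif urlsplit(uri).scheme != "https":
            problems.append(f"URI is not https: {uri!r}")
    if origin != want_origin:
        problems.append(f"origin is not exactly {want_origin}")
    # Both redirect URIs must be present; anything else widens the redirect surface.
    problems += [f"redirect URI not registered: {u}"
                 for u in want_redirects if u not in redirect_uris]
    problems += [f"unexpected redirect URI: {u!r}"
                 for u in redirect_uris if u not in want_redirects]
    if not re.fullmatch(r"\S+" + re.escape(CLIENT_ID_SUFFIX), client_id):
        problems.append("Client ID does not end in " + CLIENT_ID_SUFFIX)
    try:
        expires = datetime.strptime(secret_expiration, "%m/%d/%Y").date()
        if expires < (today or date.today()):  # assumption: must be in the future
            problems.append(f"Secrets Expiration {secret_expiration} has passed")
    except ValueError:
        problems.append(f"Secrets Expiration is not MM/DD/YYYY: {secret_expiration!r}")
    for domain in email_domains:
        if not DOMAIN_RE.fullmatch(domain.lower()):
            problems.append(f"not a bare email domain: {domain!r}")
    return problems
```

Call `check_federation_values` with your own customer identifier and the values copied from the Google console before selecting Save; pass only the Client ID, never the Client secret, to scripts like this.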