Connecting Google Apps with Auth0
You can connect your Auth0 Application to Google Apps by providing the Google Client ID and Client Secret to Auth0.
Generate the Google Client ID and Client Secret
While logged in to your Google account, go to the API Manager.
Create your new app by navigating to Credentials using the left-hand menu:
While you are on the Credentials page, click on Create a project.
In the dialog box that appears, provide a Project name, answer Google's email- and privacy-related questions, and click Create:
- Google will take a moment to create your project. When the process completes, Google will prompt you to create the credentials you need.
Click on Create credentials to display a pop-up menu listing the types of credentials you can create. Select the OAuth client ID option.
At this point, Google will display a warning banner that says, "To create an OAuth client ID, you must first set a product name on the consent screen." Click Configure consent screen to begin this process.
- Provide a Product Name that will be shown to users when they log in through Google.
- Click Save.
- At this point, you will be prompted to provide additional information about your newly-created app.
Select Web application, and provide a name for your app.
Under Restrictions, enter the following information:
- Authorized redirect URI:
Click Create. Your
Client Secretwill be displayed:
Client Id and
Client Secret to enter into the Connection settings in Auth0.
Enable the Admin SDK Service
If you are planning to connect to Google Apps enterprise domains, you will need to enable the Admin SDK service.
Navigate to the Library page of the API Manager.
Select Admin SDK from the list of APIs:
- On the Admin SDK page, click Enable.
Enable and Configure the Auth0 Enterprise Connection
- Log in to your Auth0 account, and navigate to Enterprise Connections.
- Scroll down to the row for Google Apps, and click the Add New plus icon.
You will see the Settings page for the Google Apps Connection.
- On the Settings screen, provide the following information:
|Google Apps Domain||the Google Apps domain you're using for authentication|
|Domain Aliases (optional)||a comma-separated list of domains registered as aliases for the primary domain|
|Client ID||the Client ID for your Google Apps Account|
|Client Secret||the Client Secret for your Google Apps Account|
|Attributes||the flag that indicates how much information you want stored in the Auth0 User Profile. Select one of the two options: Basic Profile (includes the
|Extended Attributes: Groups||the distribution list(s) to which the user belongs|
|Extended Attributes: Is Domain Administrator||whether the user is a domain administrator or not|
|Extended Attributes: Is Account Suspended||whether the user's account is suspended or not|
|Extended Attributes: Agreed to Terms||whether the user's agreed to the terms of service or not|
|Enable Users API||the flag that indicates whether you've chosen to enable the ability to make calls to the Google Directory API|
Click Save when you're done.
- You will need to configure your settings so that your app can use Google's Admin APIs. If you're the administrator, you can click Continue on the Connection's Settings page to do so. If not, provide the URL you're given to your administrator so that they can adjust the required Settings.
Enable the Connection for Your Auth0 Application
To use your newly-created Connection, you'll need to enable it for your Auth0 Application(s).
- Go to the Applications page of the Management Dashboard.
- Select the Application for which you want to enable the Connection.
- Click the Connections icon for your Application.
- Scroll down to the Enterprise section of the Connections page, and find your Google Apps Connection. Click the slider to enable the Connection. If successful, the slide turns green.
At this point, your users will be able to log in using their Google App credentials.