OpenID Connect: Connecting with Google

  1. Connection with Google
    1. Create a Google account for your institution
    2. Google project configuration
    3. Connection configuration in the CMS

Connection with Google

Create a Google account for your institution

First of all, please create a Google account for your institution.

Then go to this link"https://console.cloud.google.com/apis"and create a project for your site.

Google project configuration

To begin, you need to configure the consent screen.
Click on "consent screen" on the left-hand panel.
On the first page, choose a user type: internal or external.
On the second page, enter your application information.
On the third page, "Access level", you need to add the fields: openid, email and profile. To do this, click on "Add or remove application fields", tick the 3 required fields and then click on "Update". Enter test users if you wish.

Once the consent screen has been created, go to the "Login" page by clicking on "Login" in the left-hand panel.

Click on "Create credentials" and create an "OAuth Client ID", select the application type: "Web application" and give it a name.

In the "URI redirections" category, add the following URI :

  • <BOserver_url>/_extra-user-management/oidc-callback
    (<BOserver_url> par ex: https://cms.mywebsite.com ou https://www.mywebsite.com/cms)
  • <SITEserver_url>/_extra-user-management/oidc-callback
    (A saisir plusieurs fois si vous utilisez plusieurs url racines comme https://www.mywebsite.com et https://www.otherwebsite.com)

Once you have validated, a window will appear giving you two pieces of information (to note down for later):

  • Your customer ID
  • Your customer secret code

You can retrieve this information by clicking on "Modify oauth client".

Once you've completed these google configuration steps, you'll need to return to the "Consent screen" and "Publish your application", where you'll have an exchange with google via mail to validate your application.

Connection configuration in the CMS

Go to the CMS administrator area (_admin) and add a new user identification type to an existing or new population.

In "Authentication mode" choose "Google".

In "Customer identifier OpenId" and "Secret key", enter your ClientID and secret code respectively. Then click on "Finish".

Your users can now log in using their google account.

Back to top