SSO With Google
This guide provides step-by-step instructions on how to configure single sign-on (SSO) with Google. You already use Google to conveniently manage permissions to applications. After SSO configuration is complete, you'll also be able to use Google to manage permissions to your Datasources.
Steps
Follow instructions in the tab for your organization's StrongDM region, not your location.
First, enable API access. From the Google Admin console, navigate to the Security tab. Under API reference, enable API access.
Navigate to https://console.developers.google.com and click Create Project. On the New Project dialog, set the following:
Project name: Give the project a name.
Organization: Select strongdm.com.
Location: Select strongdm.com.
From the APIs & Services menu, select OAuth consent screen. Then select user type Internal and click Create.
On the Branding page, set the following (in addition to any required fields):
Application home page:
https://app.strongdm.comAuthorized domains: Add strongdm.com as the domain.
From the APIs & Services menu, select Credentials and then click Create Credentials to create a new OAuth client ID. On the page that opens, set the following:
Application type: Select Web application.
Name: Enter StrongDM.
Authorized JavaScript origins:
https://app.strongdm.com.Authorized redirect URIs:
https://app.strongdm.com/auth/return.
Copy the OAuth client ID and client secret. You will need them in a later step.
Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:
Provider: Select Google.
Single sign-on URL: Add your URL (
https://accounts.google.com).Client ID: Paste your client ID.
Client Secret: Paste your client secret.
Select your desired general SSO settings and click activate.
Last updated
Was this helpful?