Third-party Authentication Add-on for Google. Customer Guide.
####################################################################
The following configuration will allow the customers to configure the Google OAuth application to implement authentication with Google accounts on their LMS sites.
**Integration requisites**
- It is required to have your LMS site in a domain of your own.
- Enterprise or performance subscription with the add-on third-party authentication enabled.
Configuring the Google OAUTH Application
*****************************************
1. Log in to your Google account to access |developers_console_google_link|.
.. |developers_console_google_link| raw:: html
The developer's console
2. Create a new API project for the integration with the LMS site.
#. Select **New Project**.
#. Enter your **Project Name**.
#. Press **Create**.
.. only:: html
.. figure:: ../_assets/third-party-integration-googleapp-newproject.gif
3. Enable the **Google +API** service.
.. only:: html
.. figure:: ../_assets/third-party-integration-googleapp-enableAPIS.gif
4. Go to the |consentpage_console_google_link|.
.. |consentpage_console_google_link| raw:: html
OAuth consent screen and configure your app according to the needs and requirements for your initiative
Configuring Your Project in the Google Console
***********************************************
1. On your project, create a set of authorization credentials. Go to |credentials_console_google_link|.
.. |credentials_console_google_link| raw:: html
The credentials page and define
- **Authorization type:** Web complication.
- **Name:** The name of your OAuth 2.0 client. This name is only used to identify the client in the console and will not be shown to end-users.
.. only:: html
.. figure:: ../_assets/third-party-integration-googleapp-credentials.gif
2. Set the Redirect Authorized JavaScript origins to https://YOURLMSDOMAIN (without trailing /).
3. Set the Authorized redirect URIs to https://YOURLMSDOMAIN/auth/complete/google-oauth2/.
.. only:: html
.. figure:: ../_assets/third-party-integration-googleapp-redirecturls.gif
4. Provide eduNEXT with the credentials recently created.
The *client ID* and *client secret* can be found at the top-right corner or can be downloaded in a JSON file.
.. only:: html
.. figure:: ../_assets/third-party-integration-googleapp-json.gif
The credentials look like the example below.
.. code-block:: json
{
"web":{
"client_id":"xxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
"project_id":"your_project_id",
"auth_uri":" https://accounts.google.com/o/oauth2/auth",
"token_uri":" https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url":" https://www.googleapis.com/oauth2/v1/certs",
"client_secret":"xxXXXxxxXXXXxxxXXXXxxxxX",
"redirect_uris":[" https://YOURLMSDOMAIN/auth/complete/google-oauth2/"]
}
}
Send this information to the eduNEXT customer support team via the `Edunext Control Center `_ > **Customer Support** > **Submit a Ticket**