Google

In this document you are going to set up IDmelon as an external IdP to the Google.

Login to Google administration panel


In order to set up the connection, you will need to log into to your Google administration panel.

Add Identity Provider


In the Google administration panel, from the side menu, navigate to the Security menu.

Then from the Security menu, select the Overview sub menu.

Then Scroll down and navigate to Set up Single Sign-On (SSO) with a third-party IdP

In Third-party SSO profile for your organization, click Add SSO profile.

Check the Set up SSO with third-party identity provider box.

Get all values for {..} from your IDmelon panel.
If you are currently login here, you will see the replaced values instead.

Sign-in page URL : idp_single_sign_on_url

Sign-out page URL : idp_single_sign_on_url

Verification Certificate : idp_certificate_download_url

Click Save.

Create an SSO profile

In the Single Sign-On (SSO) with third-party Identity Providers (IDPs) panel.

Scroll down to Third-party SSO profiles, click Add SAML profile.

Enter a name for the profile.

IDP entity ID : idp_issuer_uri

Sign-in page URL : idp_single_sign_on_url

Upload certificate : idp_certificate_download_url

Click Save.

IDmelon SAML configuration


After completing previous Setup Google connection section and submitting the form, you can see a new IdP added to your list.

You should copy values of below fields from the SP details Under the SAML SSO profile to the IDmelon Panel:

Entity ID.

ACS URL.

Manage SSO profile assignments


Scroll down and navigate to Manage SSO profile assignments.

Choose Another SSO Profile.

Select your Custom SSO config Select SSO profile.

Choose Have Google prompt for their username, then redirect them to this profile's IDP sing-in page..

You can choose Users, Groups, Orgenisational units in order to activate idmelon SSO.

Domain-specific service URLs


Scroll down and navigate to Domain-specific service URLs.

Check Automatically redirect users to the third-party IdP in the following SSO profile box, To finally submit SSO profile.

Then Select SSO Profile for your organisation, under the SSO profile field.

Click Save.

API Token


In the Google Cloud console, enable the People API.

Create New Project :

Choose custom name in Project name

Choose an organization in Location

Click CREATE

Select your Custom Project.

Confirm project then Click NEXT.

Click ENABLE.

Then from Google Console, in APIs and services panel click CREATE CREDENTIALS and choose each Api option which you want to use.

Then Api will created and you can Copy your needed values:

if you choose OAuth client ID.