In this document you are going to set up IDmelon as an external IdP to the Google.
Login to Google administration panel
In order to set up the connection, you will need to log into to your Google administration panel.
Add Identity Provider
In the Google administration panel, from the side menu, navigate to the Security menu.
Then from the Security menu, select the Overview sub menu.
Then Scroll down and navigate to Set up Single Sign-On (SSO) with a third-party IdP
In Third-party SSO profile for your organization, click Add SSO profile.
Check the Set up SSO with third-party identity provider box.
Get all values for {..} from your IDmelon panel.
If you are currently login here, you will see the replaced values instead.
Sign-in page URL : idp_single_sign_on_url
Sign-out page URL : idp_single_sign_on_url
Verification Certificate : idp_certificate_download_url
Click Save.
Create an SSO profile
In the Single Sign-On (SSO) with third-party Identity Providers (IDPs) panel.
Scroll down to Third-party SSO profiles, click Add SAML profile.
Enter a name for the profile.
IDP entity ID : idp_issuer_uri
Sign-in page URL : idp_single_sign_on_url
Upload certificate : idp_certificate_download_url
Click Save.
IDmelon SAML configuration
After completing previous Setup Google connection section and submitting the form, you can see a new IdP added to your list.
You should copy values of below fields from the SP details Under the SAML SSO profile to the IDmelon Panel:
Entity ID.
ACS URL.
Manage SSO profile assignments
Scroll down and navigate to Manage SSO profile assignments.
Choose Another SSO Profile.
Select your Custom SSO config Select SSO profile.
Choose Have Google prompt for their username, then redirect them to this profile's IDP sing-in page..
You can choose Users, Groups, Orgenisational units in order to activate idmelon SSO.
Domain-specific service URLs
Scroll down and navigate to Domain-specific service URLs.
Check Automatically redirect users to the third-party IdP in the following SSO profile box, To finally submit SSO profile.
Then Select SSO Profile for your organisation, under the SSO profile field.
Click Save.
API Token
In the Google Cloud console, enable the People API.
Create New Project :
Choose custom name in Project name
Choose an organization in Location
Click CREATE
Select your Custom Project.
Confirm project then Click NEXT.
Click ENABLE.
Then from Google Console, in APIs and services panel click CREATE CREDENTIALS and choose each Api option which you want to use.
Then Api will created and you can Copy your needed values:
if you choose OAuth client ID.
