Google social login users must belong to an organization that uses this login.
Google users cannot be used outside organizations (i.e., without an assigned
organization).
Before setting up Google social login in Bacularis, prepare the OAuth2
ClientID and ClientSecret in the Google developer platform. Create an
OAuth2 client at:
Refresh tokens are supported by both Google and Bacularis. These tokens will
only be used if the Userefreshtoken option is enabled in the Google
identity provider configuration in Bacularis. Otherwise, when the user session
expires, it cannot be refreshed automatically and the user will need to
re-authorize.
Note that Google issues refresh tokens only when a consent screen is displayed
during authorization. If you enable the Userefreshtoken option after a
user has already approved the consent screen, it will not work, as the screen
will not be shown again.
To force the consent screen to appear again for users who have already
approved, use the Prompt option in the Bacularis identity provider
configuration and set its value to consent.
Social login - Google#
Since version
5.4.0, Bacularis supports logging in using Google user accounts.Requirements#
To enable the social login button for Google credentials, ensure the following requirements are met:
Organization support#
Google social login users must belong to an organization that uses this login. Google users cannot be used outside organizations (i.e., without an assigned organization).
User provisioning#
This method fully supports user provisioning.
How to use it#
Before setting up Google social login in Bacularis, prepare the OAuth2
Client IDandClient Secretin the Google developer platform. Create an OAuth2 client at:https://console.cloud.google.com
Navigate to the APIs and Services page, as shown in the screenshot below.
Important notes#
Refresh tokens are supported by both Google and Bacularis. These tokens will only be used if the
Use refresh tokenoption is enabled in the Google identity provider configuration in Bacularis. Otherwise, when the user session expires, it cannot be refreshed automatically and the user will need to re-authorize.Note that Google issues refresh tokens only when a consent screen is displayed during authorization. If you enable the
Use refresh tokenoption after a user has already approved the consent screen, it will not work, as the screen will not be shown again.To force the consent screen to appear again for users who have already approved, use the
Promptoption in the Bacularis identity provider configuration and set its value toconsent.Settings form#
You can configure Google login on the identity providers page:
Below is the identity provider settings form:
Video guide#
You can watch a complete tutorial on Google login integration with Bacularis in the video below.