Google Single Sign-On (SSO)
Setting up SSO for Google in Codefresh requires you to create a client secret for Codefresh in Google, configure SSO settings in Codefresh and then define the redirect URIs, also in Google.
For general instructions on SSO setup, see the overview.
Create Client Secret
- Log in to https://console.developers.google.com/.
- From the sidebar, select Credentials.
- Select Create Credentials, and from the drop-down, select OAuth client ID.
- Do the following:
- From the Application type drop-down, select Web application.
- Enter a Name for your integration (user-defined).
- Select Create.
- From the OAUth client created dialog, note down Your Client ID and Your Client Secret.
You will need the Client ID and secret to configure SSO for Google in Codefresh.
Configure SSO for Google in Codefresh
- In the Codefresh UI, go to Single Sign-On.
- Select + Add Single Sign-On, Google, and then Next.
- Enter the following:
- Client Name: For auto-generation, leave empty. Codefresh generates the client name once you save the settings.
- Display Name: Meaningful name that identifies the SSO provider.
- Client ID: The Client ID generated by Google.
- Client secret: The Client Secret also generated by Google.
- Select Save. Codefresh generates the Client Name.
- Note down the Client Name, as you need it to set the redirect URI in Google.
Set up Redirect URI
- Go back to the Google Console Developer dashboard, and click the edit button on the OAuth 2.0 Client IDs that you created before.
- For Authorized Redirect URIs, in the URIs field, enter the Client Name you noted down to generate the Authorized Redirect URIs
- Example Client Name:
- Example Redirect URI:
- Example Client Name:
This concludes the basic SSO setup for Google.
Synchronize teams via Codefresh CLI
For team/group synchronization you also need a service account. In the Codefresh configuration screen there are some optional fields that you can fill, in order to get team synchronization via the Codefresh CLI. You need to create a service account and delegate user and group permissions to it.
- Create a Service account in Google Console:
- Delegate from the Google admin console the following permissions:
- For that service account, create a private key in JSON format.
- Save the file locally.
- Go back to Codefresh, and in the Google SSO settings page, enter the following:
JSON Keyfile: The contents of the JSON file
Admin email: The user
Now you can synchronize teams using the Codefresh CLI.
What to read next
See the overview page on how to test the integration, activate SSO for collaborators and create sync jobs.