meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Google auth configuration screen flow has changed

Browse Source
This commit is contained in:
Srivatsa Ray 2015-08-09 12:08:21 -07:00
parent 5ff8aa3581
commit 85fcd66be6
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -42,13 +42,12 @@ For Google, the registration steps are:
1. Create a new project: https://console.developers.google.com/project 1. Create a new project: https://console.developers.google.com/project
2. Under "APIs & Auth", choose "Credentials" 2. Under "APIs & Auth", choose "Credentials"
3. Now, choose "Create new Client ID" 3. Now, choose "Create new Client ID"
* The Application Type should be **Web application** * The Application Type should be **Web application** and click **Configure Consent Screen**
* Enter your domain in the Authorized Javascript Origins `https://internal.yourcompany.com` * Fill out the appropriate details on the Consent Screen page and hit **Save**
* On the next screen, leaving **Web Application** checked, enter your domain in the Authorized Javascript Origins `https://internal.yourcompany.com`
* Enter the correct Authorized Redirect URL `https://internal.yourcompany.com/oauth2/callback` * Enter the correct Authorized Redirect URL `https://internal.yourcompany.com/oauth2/callback`
* NOTE: `oauth2_proxy` will _only_ callback on the path `/oauth2/callback` * NOTE: `oauth2_proxy` will _only_ callback on the path `/oauth2/callback`
4. Under "APIs & Auth" choose "Consent Screen" 4. Take note of the **Client ID** and **Client Secret**
* Fill in the necessary fields and Save (this is _required_)
5. Take note of the **Client ID** and **Client Secret**
It's recommended to refresh sessions on a short interval (1h) with `cookie-refresh` setting which validates that the account is still authorized. It's recommended to refresh sessions on a short interval (1h) with `cookie-refresh` setting which validates that the account is still authorized.