(Licensable) Google SSO Configuration with MFA

Single Sign-On helps businesses to deliver a secure and compliant working environment. Ameyo has the support of the Single Sign-On for its Application Server with Microsoft, Google, and LDAP-based services. Ameyo supports Single Sign-On based on OAuth2 for Management Framework Architecture with Google.

Perform the following steps.

1. Login to the Google Developer Account with your Google ID. It shows the following page.

   

   Figure: Google Developer Account

2. Click "Select a Project" option. A modal is opened.

   

   Figure: Project Selection Modal

3. Select the project (if already existed) or click "New Project" option (displayed with a green box in the above screenshot). The following modal is displayed.

   

   Figure: Project Creation Modal

4. Provide the following information in the opened modal.

   1. Project Name: Enter the name of the project in the project name data field.

   2. Organization: Select the name of the organization from the drop-down list.

   3. Location: Select the location where the project will be saved.

   4. :

   

   Figure: Sample Project

5. Click "Create" button. After creating the project, the page redirects to the previous page.

6. Now, click "Enable APIs and Services" button present at the top of the page to enable the APIs.

7. Search for the "Google+" API and enable it.

   

   Figure: Enable Google+ API

8. After enabling the API, the following page is displayed.

   

   Figure: Overview Page of Google+ API

9. Now, go to the credentials tab present at the left sidebar. The following page is displayed.

   

   Figure: Credentials Tab of Google+ API

10. Click "Configure Consent Screen" button to configure the Email address. The following page is displayed.

    

    Figure: Consent Screen Configuration

11. Select the type of the user, which is allowed to use this app. The following two options are present here.

    1. Internal: Select it to allow users within the organization only.

    2. External: Select it to allow all the users with a Google Account.

12. Click "Create" button. The following OAuth form is displayed.

    

    Figure: Consent Form after App creation

13. Fill the consent form that has been displayed, and click "Save" button.

14. Now, click "Create Credentials" button in the "Credentials" tab to create the credentials. Click "Create OAuth Client ID".

    

    Figure: Creating Credentials

15. From the displayed page, select "Web Application" from the drop-down list of Application type.

    

    Figure: Creating OAuth Client ID

16. Enter the following URI in the Authorized JavaScript Origins.

    https://ameyo.com:<PORT_Number_of_Application>

17. Enter the Authorized Redirect URI in the following format:

    <Protocol>://<Domain_Name>:<PORT_Number>/ameyowebaccess/_callback?consumerId=<Consumer_ID>

18. Click "Create" button. A modal is displayed.

19. The displayed modal consists of the OAuth Client Id and Client Secret Keys generated after validation of all the above steps. Copy these keys and keep the pen down, as they have to be used later.

    

    Figure: Generated Client Key and Client Secret Keys