NOTE: At this time we do NOT support IDP initiated integration. This is on our roadmap but hasn't been implemented yet. Please use SP Initiated Authentication in the meantime.
Users need to already have an account with Plextrac before they can be authorized to use an alternative sign on method. There is currently no way to register a user directly through the 3rd party provider.
The users' email in Plextrac needs to be the same as the email the user will authenticate with through the 3rd party.
3rd party authentication cannot be used for direct api access/authentication
Create an account at https://console.developers.google.com/apis/credentials
Go to the Google API Console. Click Create project, enter a name, and click Create.
3. On the left select OAuth consent screen, and select Internal User type and click create
4. Enter the application name, and make sure the following scopes are supported: email, profile, openid. Hit save.
6. Under Authorized redirect URI’s add
/api/v2/authenticate/google. Press create.
7. Copy the Client ID and Secret that are shown.
8. Login to plextrac as a global admin or tenant admin
9. Navigate to the "Account Admin" section by clicking on your profile in the top right
10. Under the tab bar on the left select Authentication, and then pick Google in the drop down.
11. For the provider url, enter https://accounts.google.com
12. Enter your client secret and id from the previous steps, and toggle "Enabled." Press save.
13. Click Users under the tab options on the left.
14. Using the drop down for Authentication Method, non global admin users can be authorized to log in with google.