OAuth 2.0 with OpenID Connect with Google provides the ability to use Google as the OAuth vendor and have users login before accessing a web flow in an application.

Configuring a Google API project

Follow Google’s instructions to get a Google API Client ID and set the following scopes:

• Userinfo.email
• Userinfo.profile
• openid

Then in Google’s Cloud Platform, go to Credentials and click on the name of your OAuth 2.0 Client ID:

In Authorized Redirect URIs, add one of the following Redirect URIs, according to where your Org is based:

📘

Redirect URIs

US Realm

https://us.api.prod.airkit.com/internal/session-gateway/oauth/callback

EU Realm

https://eu.api.prod.airkit.com/internal/session-gateway/oauth/callback

AP Realm

https://ap.api.prod.airkit.com/internal/session-gateway/oauth/callback

Then, go back to Credentials and copy the OAuth 2.0 Client ID:

Configuring OAuth in the App

Access your app, go to Configuration Builder > Global and follow these steps:

1. From the App Authentication Type dropdown, select Secure App
2. In Authentication Method, select OAuth 2.0 w/ OpenID Connect
3. As OAuth Vendor, choose Google
4. Finally, paste your Google OAuth 2.0 Client ID and save the app

Authentication Success

After setting up you OAuth authentication, go to Connection Builder and click on the On Authentication Success Event.

The “On Authentication Success” event will run when the user is authenticated. On this event, there is the event namespace where you can access data about the user.

event.attributes

Includes data such as:

• Email
• Picture
• Name
• Locale

event.nameId

nameId refers to the user’s email address they authenticated with.

To access this data and store it in a session variable, In the Inspector section, click on the ‘+’ icon under Actions and add two Set Variable actions from the Data options to get the attributes of the users that signed into the app:

Publish the app and navigate the launch trigger to check that the requested user attributes are retrieved.