You can enable SSO using Google as your identity provider.
- Create a Google OAuth client ID:
Prior to enabling Google SSO, you must create authorization credentials for Automation Suite
from the Google Console.
- Integrate Google Sign-In and create an OAuth client ID as follows:
For the Authorized redirect URI, add the https://{yourDomain}/{organizationName}/identity_ URL, plus the suffix /google-signin
. For example, https://{yourDomain}/{organizationName}/identity_/google-signin
.
- Save the Client ID and Client Secret. You'll use them later when you enable Google SSO from the
host portal
.
- Configure Google SSO:
Now you must configure Google as an external identity provider inAutomation Suite
.
- Log in as a system administrator.
- Make sure that Host is selected at the top of the left pane and then select Security.
- Under Google, select Configure.
- Select the Force automatic login using this provider checkbox if you want to only allow login with Google.
- In the Display Name field, type the text you want to show under this login option on the Login page.
- In the Client ID field, paste the value obtained from the Google Console.
- In the Client Secret field, paste the value obtained from the Google Console.
- Select Save in the bottom right to save your configuration and return to the previous page.
- Select the toggle to the left of Google SSO to enable the integration.
- Restart the identity-service-api-* pod. This is required after making any changes to External Providers.
-
Connect to the primary server using SSH.
-
Run the following command: kubectl -n uipath rollout restart deployment identity-service-api
- Allow Google SSO for the organization:
Now that Automation Suite
is integrated with Google Sign-In, user accounts that have a valid Google email address can use the Google SSO option on the Login page to sign in.
Each organization administrator must do this for their organization if they want to allow login with Google SSO.
- Log in as an organization administrator.
- Add user accounts, each with a valid Google email address.