Skip over navigation
Documentation
You are currently viewing documentation for a previously released version of OroCRM. See the latest long-term support version.

Google Single Sign-On Capabilities for OroCRM

OroCRM supports Google Single Sign-On capabilities. This means that for a user that has the same primary email in the OroCRM and Google accounts, it is enough to log-in only once during a session.

Note

See a short demo on how to configure Google Single Sign-On, or keep reading the step-by-step guidance below.

Google Side

Create Project

To configure such capability on the Google side:

  • Open Google API Console
  • Navigate to My Project selector in the top left corner and click Create Project.
../../../_images/create_project.jpg
  • Define the Project Name and click Create.
../../../_images/new_project.jpg

Create Credentials

  • Click Credentials in the menu on the left and open Credentials tab.
../../../_images/create_credentials.jpg
  • Click Create Credentials and select 0Auth client ID.
../../../_images/create_credentials_2.jpg
  • To create an OAuth client ID, you should first set a product name on the consent screen.

OroCRM Side

Configure Google Integration

  • Navigate to System in the main menu and click Configuration.

  • In the left menu, click Integrations>Google Settings.

  • Define the following fields for Google Integration Settings:

    FieldDescription
    Client IDThe Client ID generated in the API console.
    Client SecretThe Client Secret generated in the API console.
    Google API KeyThe API Key generated in the API console. Provide a valid Google API key to activate maps for addresses in the system.
  • Define the following fields for Google Sign-on:

    FieldDescription
    EnableCheck Enable.
    DomainsDomains is a comma separated list of allowed domains. It limits the list of mailboxes for which single sign-on can be used (e.g., only a domain used specifically by your company). Leave the field empty to set no such limitation.
    OAuth 2.0 for email syncCheck Enable.
../../../_images/oro_google_integration_new.jpg

Using Google Sign-on

When a user gets to the login page of an instance for which single sign-on capability has been enabled, a Login Using Google link will appear.

../../../_images/login_using_google.jpg
  • If the user is not logged into any Google accounts after the link has been clicked, a usual Google log-in page will appear.
  • As soon as the user has logged into their Google account, a request to use the account in order to log-in to OroCRM will appear (details defined for the consent screen will be used).
../../../_images/google_connection.jpg

For now on, for a user logged-in into a Google account, it is enough to click the Login using Google link to get into OroCRM.

Note that the email used for the Google account and the primary email of the user in OroCRM must be the same.

Browse maintained versions:2.62.32.01.12
Forums
Back to top