Skip to main content

Set up SSO with Google Cloud Platform

This guide walks through enabling single sign-on (SSO), so your Workspace can access the emnify Portal using your Google Cloud Platform credentials.

Prerequisites

  • A Google account that's a user within a Google Cloud Platform organization
  • An emnify account using the same email address as the one used to sign in to Google
warning

If your email address used in the emnify Portal differs from the one used to log in to Google, this setup won't work. You can verify your email in User Settings.

Instead, add an additional user with the Administrator role. To do this, go to Workspace settings > Users.

Register emnify in Google

First, you need to register emnify in the Google Cloud Platform console and retrieve an OAuth 2.0 client ID and client secret.

Select or create an emnify project

Log in with your Google account and navigate to the APIs & Services dashboard.

Select your organization's project for managing OAuth credentials for emnify.

If you don't already have a designated project, create one with the following steps:

  1. Click New Project.
  2. If prompted, agree to the terms of service.
  3. Enter a Project name (for example, "emnify SSO") and Location.
  4. Click Create, then you should land on the Enabled APIs & Services page.
  5. In the APIs & Services navigation bar, click OAuth consent screen.
  6. Choose the User Type for your project.
  7. Specify app information about emnify (App Name, User support email, and Developer contact information are necessary, but all other fields are optional).
  8. (Optional) Define any Scopes or Test Users.
  9. Click Save and Continue to proceed.
  10. Navigate to the summary screen, review your settings, and click Back to Dashboard.

Get an OAuth client ID and Secret

Use the Credentials option to retrieve the OAuth client ID and secret that you'll enter into the emnify Portal.

  1. Head to Credentials in the APIs & Services navigation bar.
  2. Click + Create Credentials (on the top next to the page header), then select the OAuth client ID option.
  3. In the Application type list, select Web application.
  4. Enter a Name (for example, "emnify Portal" or "Enterprise Portal").
  5. Set an Authorized redirect URI with the value: https://prod-e5.okta.com/oauth2/v1/authorize/callback
  6. Click Create and wait for the OAuth client created modal to appear.
  7. Copy the displayed values (you'll need them later) or download the provided JSON.
tip

You can access your client ID and secret at any time in your Google Cloud Platform console on the Credentials page.

Configure the emnify Portal

  1. Log in to the emnify Portal.
  2. Go to Workspace settings (building icon) in the top-level navigation and click Single Sign-On.
  3. If you need SSO enabled for your account, contact emnify support. Otherwise, click Add under the Google SSO provider.
  4. Enter the Client ID and Client Secret you copied earlier, then click Create and Activate.
  5. Once you're back on Single Sign-On, you should see Google listed as a Provider.
  6. Finally, click Verify Integration and follow the prompts.
warning

You must complete the final step and verify the provider to configure SSO.

tip

Refer to the Troubleshooting page if you encounter issues while setting up SSO.