NOTE: The following steps apply to Orchid Fusion 22.9.0 and greater.
Creating the Google credentials
The first step in enabling Google authentication is to create an OAuth client id that Fusion will use to identify itself with Google OAuth servers. To create them, navigate and login to https://console.cloud.google.com. Once logged in, follow these steps:
- Click Credentials
- Click Create credentials and select OAuth client ID
- Select Web application
- Set the name to Fusion
- Enter https://<servername>:<port>/redirect.html under Authorized redirect URIs
- Click Create
- Copy the Client ID, Client Secret, and Redirect URI
Configuring users in Fusion
Fusion users now need to be associated with Google accounts. For each user that would like to log in using a Google account, create or modify their Fusion account and specify their Google account in the email address field.
To enable Google authentication, you will need to modify your Fusion’s properties file and then restart Fusion:
- On Linux systems this file is typically located at /etc/opt/fusion/fusion.properties.
- On Windows systems, this file is typically located at C:\Program Files\IPConfigure\Fusion\conf\fusion.properties.
Add (or modify) the following configuration lines in your server’s properties files:
- authentication.google.oauth.clientid = <your client id> Replace <your client id> with the client id given to you when configuring your OAuth client in Google.
- authentication.google.oauth.secret = <your secret> Replace <your secret> with the client secret given to you when configuring your OAuth client in Google.
- authentication.google.oauth.redirect = <your redirect url> Replace <your redirect url> with the redirect url given to you when configuring your OAuth client in Google.
Note: When using Chrome as the browser it may be necessary to restart the Chrome process if the user is currently logged into the browser and is having trouble logging in with their Google credentials.