Google (OIDC)

Owned by Panagiotis Papanastasiou
Last updated: Oct 23, 2023 by Oleg Melnykov
5 min read

 

Google authentication has been introduced for allowing single sign-on between Google and your Storefront. Users that have already logged in to Google will be able to automatically login to your Storefront without entering their credentials.

 

 

Setting up Google OIDC  Step 1

To enable the Google authentication feature in Storefront, please proceed with the following guide:
Go to this link: https://console.cloud.google.com/home/ and click on the APIs & Services option from the vertical main menu.

Next, click on the APIs & Services > Credentials sub-option from the vertical main menu.

Then click on the "+ Create Credentials" button and select the "0Auth client ID" option to register an application.



On the following pop-up window, choose the "Web application" option as the Application type and enter a name for your application under the Name text field. Example: "Web client 1"

Continue by clicking on the "Create" button.

 

From the next window, copy and store for later use, the "Client ID" and the "Client secret".
You can also find them both by clicking on the application located inside the "Credentials" section (OAuth 2.0 Client IDs) in the overview page. 

Setting up the BSS Mechanism  Step 2

Now on BSS, go to: BSS Setup > Administration > System Options > Storefront Login Settings (as explained on this Documentation). 
Click on the Google "Settings (OIDC)" button.

ID and Secret - Setup

On the following page, you are required to utilize the previously-stored IDs from "Step 1" and paste them to their corresponding fields. More specifically:

  • Provide a name to the Instance Name text field.

  • Paste your stored [Client ID] to the Client Id text field.

  • Paste your stored [Client Secret] to the Client Secret text field.

 

Please note that the Allow Automatic Registration option in the the Advanced Settings section of this page is critical for the registration process. The BSS registration process can only be initiated if this option is enabled. If the checkbox is unchecked, the BSS registration process cannot be initiated, and the authentication will not proceed.

 

Saving Configured Changes

After you have finished with this page's configuration, you must click on the "Save" button. 

Now that you have saved all those aforementioned settings of this page, you can copy and store, for later use, the following URL:

  • The "Callback Url".

Setting up Google OIDC - Continued  Step 3

Now, by going back to the https://console.cloud.google.com/home/ you can perform the next five easy actions:

  • Click on the "APIs & Services > Credentials" sub-option.

  • Find the application with name "Web client 1" or any other name that you have assigned to your application during its creation.

  • Click on the "+ Add URI" button under the section "Authorized redirect URIs".

  • On the text field that appears, paste your stored [Callback Url]

    .

  • Click on "Save".

Testing & Activation  Step 4

The final steps of the initialization of the External Authentication feature require you to once more go back to the BSS Setup > Administration > System Options > Storefront Login Settings and click on the "Settings (OIDC)" button.

  • Click the "Activate" button on the top bar.

  • Copy the "Authenticate Url" and open a new web browser tab to paste that URL.

  • Your web browser will redirect you to Google to log in with your Google credentials.

  • After a successful login, you will redirect back to the Storefront, and our system will log in/register you.

By clicking on the "Show Authentication" button from the top bar and the External Authentication will from now on be available to the Storefront.

First Storefront Login with Google Credentials 

After the configuration and activation of the Google external authentication for Storefront, you can log in to Storefront via your Google credentials. 

You can click on the "Google" button, located under the External Authentication section.



Provide your corresponding credentials on the new Google login page that you are redirected to or choose one of your "Google Login" saved accounts (if applicable). 

After a successful login, you are again redirected to our Storefront.

If the registration form appears, it will do so only once and with it, you can:

  • Either update your pre-existing BSS account as well as your BSS contact,

  • Or register a BSS account as well as a BSS contact, since the external identity provider does not possess all the required information that our systems need if there is no pre-existing BSS account.

If you have updated your pre-existing BSS account via the registration form as well as accepted the "terms of use" via the dedicated checkbox and clicked on the "Update" button, the Storefront is now fully accessible to you.

If you have registered a BSS account as well as a BSS contact by filling in all the required fields as well as accepting the "terms of use" dedicated checkbox and clicking on the "Update" button, a BSS account and contact are created based on the provided information, and the Storefront is now fully accessible to you.

As a result, the account and contact that have been created in our BSS are now connected with the Google account used to login to the Storefront.