Docsright arrowEdge Stackright arrowSingle Sign-On with Google

2 min • read

Single Sign-On with Google

Create an OAuth client in the Google API Console

To use Google as an IdP for Single Sign-On, you will first need to create an OAuth web application in the Google API Console.

  1. Open the Credentials page in the API Console

  2. Click Create credentials > OAuth client ID.

  3. Select Web application and give it a name

  4. Under Restrictions, fill in the Authorized redirect URIs with

  5. Click Create

  6. Record the client ID and client secret in the pop-up window. You will need these when configuring Ambassador Edge Stack

Set up Ambassador Edge Stack

After creating an OAuth client in Google, configuring Ambassador Edge Stack to make use of it for authentication is simple.

  1. Create an OAuth Filter with the credentials from above:

  2. Create a FilterPolicy to use the Filter created above

  3. Apply both the Filter and FilterPolicy above with kubectl

Now any requests to https://{{AMBASSADOR_URL}}/backend/get-quote/ will require authentication from Google.