Single Sign On

Governor supports Single Sign On using OAuth2 or SAML.

Setting up OAuth2

OAuth2 is supported with the following clients:

Google
Microsoft
GitHub

For setting up OAuth2 single sign on, provide the necessary application properties for the respective clients. See Spring Boot reference for the documentation. Governor supports GitHub, Google and Microsoft via the following set of properties:

spring.security.oauth2.client.registration.github.clientid
spring.security.oauth2.client.registration.github.clientsecret
spring.security.oauth2.client.registration.github.redirecturi
spring.security.oauth2.client.registration.google.clientid
spring.security.oauth2.client.registration.google.clientsecret
spring.security.oauth2.client.registration.microsoft.clientid
spring.security.oauth2.client.registration.microsoft.clientsecret

Setting up clientid property for any of this will enable the respective icon on the authentication form.

Setting up SAML

SAML is supported with the following providers:

Google

In order to set up SAML for, you have to provide a reference to metadata file in the following application property:

spring.security.saml2.relyingparty.registration.google.assertingparty.metadata-uri=file:/GoogleIDPMetadata.xml

The GoogleIDPMetadata.xml is provided when you set up a SAML application for your Google cloud domain.