Single Sign On
Governor supports Single Sign On using OAuth2 or SAML.
Setting up OAuth2
OAuth2 is supported with the following clients:
-
Google
-
Microsoft
-
GitHub
For setting up OAuth2 single sign on, provide the necessary application properties for the respective clients. See Spring Boot reference for the documentation. Governor supports GitHub, Google and Microsoft via the following set of properties:
spring.security.oauth2.client.registration.github.clientid
spring.security.oauth2.client.registration.github.clientsecret
spring.security.oauth2.client.registration.github.redirecturi
spring.security.oauth2.client.registration.google.clientid
spring.security.oauth2.client.registration.google.clientsecret
spring.security.oauth2.client.registration.microsoft.clientid
spring.security.oauth2.client.registration.microsoft.clientsecret
Setting up clientid
property for any of this will enable the respective icon on the authentication form.
Setting up SAML
SAML is supported with the following providers:
-
Google
In order to set up SAML for, you have to provide a reference to metadata file in the following application property:
spring.security.saml2.relyingparty.registration.google.assertingparty.metadata-uri=file:/GoogleIDPMetadata.xml
The GoogleIDPMetadata.xml
is provided when you set up a SAML application for your Google cloud domain.