Google OIDC SSO Integration
Last updated
Was this helpful?
Last updated
Was this helpful?
Was this helpful?
These instructions will help administrators configure Fiddler for use with an existing Google single sign-on application.
Set up an OAuth 2.0 client in Google:
Navigate to the Google Auth Platform Clients page.
You will be prompted to create a project if you do not have one selected.
You will be prompted to register your application to use Google Auth if you are yet to do so. This is required before creating a client.
Click on "Create Client".
Select "Web Application" as the application type.
Set "Authorized redirect URIs" as {base_url}/api/sso/google/callback
(replace {base_url}
with your Fiddler deployment URL).
Click on "Create" to create the client.
Copy the Client ID and Client secret for the newly created OAuth Client.
Share the following details with the Fiddler services team:
Client ID
Client secret
Note: We do not support group sync from Google Workspace.
Create a <secret-filename>.yaml
file using this template:
apiVersion: v1
kind: Secret
metadata:
name: fiddler-sso-google-credentials
namespace: <NAMESPACE_NAME>
stringData:
sso-google-client-id: <CLIENT_ID>
sso-google-client-secret: <CLIENT_SECRET>
type: Opaque
Important:
π Donβt use doubles quotes anywhere in values in above yaml. For example, if the Client ID is β12345β - the value is
12345
and notβ12345β
.
Apply the Kubernetes secret to your cluster:
kubectl apply -f <secret-filename>.yaml -n fiddler
Update your Helm values file with these settings:
fiddler:
auth:
sso:
provider: google
google:
secretName: fiddler-sso-google-credentials
Note: The new SSO settings apply once deployments are updated.