Google OIDC SSO Integration

These instructions will help administrators configure Fiddler for use with an existing Google single sign-on application.

Google Setup:

  1. Set up an OAuth 2.0 client in Google:

  • Navigate to the Google Auth Platform Clients page.

    • You will be prompted to create a project if you do not have one selected.

    • You will be prompted to register your application to use Google Auth if you are yet to do so. This is required before creating a client.

  • Click on "Create Client".

Creating OAuth Client
  • Select "Web Application" as the application type.

  • Set "Authorized redirect URIs" as {base_url}/api/sso/google/callback (replace {base_url} with your Fiddler deployment URL).

  • Click on "Create" to create the client.

Setting up OAuth Client
  • Copy the Client ID and Client secret for the newly created OAuth Client.

Copy OAuth Client ID and Client secret
  1. Share the following details with the Fiddler services team:

    • Client ID

    • Client secret

Note: We do not support group sync from Google Workspace.

Deployment instructions

  1. Create a <secret-filename>.yaml file using this template:

    apiVersion: v1
    kind: Secret
    metadata:
      name: fiddler-sso-google-credentials
      namespace: <NAMESPACE_NAME>
    stringData:
      sso-google-client-id: <CLIENT_ID>
      sso-google-client-secret: <CLIENT_SECRET>
    type: Opaque

    Important:

    📘 Don’t use doubles quotes anywhere in values in above yaml. For example, if the Client ID is “12345“ - the value is 12345 and not “12345”.

  2. Apply the Kubernetes secret to your cluster:

    kubectl apply -f <secret-filename>.yaml -n fiddler
  3. Update your Helm values file with these settings:

    fiddler:
      auth:
        sso:
          provider: google
          google:
            secretName: fiddler-sso-google-credentials

Note: The new SSO settings apply once deployments are updated.

Last updated

Was this helpful?