SSO - Google

Objective
Prerequisites
Configuration Steps
Concepts
API References

Objective

This document provides instructions on how to configure Google SSO integration to F5® Distributed Cloud Services for your enterprise account. For an overview of F5® Distributed Cloud Console, see About.

Note: SSO setup requires you to be of the tenant owner type user. Navigate to General > IAM > Users. Select on the Show/hide column, select the Type field, and select Apply to display the Type column. For the tenant owner, the Type column displays Tenant Owner and others, it displays User.

Prerequisites

The following prerequisites apply:

A valid Enterprise account.

Note: If you do not have an account, see Create an Account.

Google Cloud Account with Admin Access

Note: This can be an existing G-Suite account.

Configuration Steps

Step 1: Create a project in the Google Developer Console.

Log into Google Developer Console with your administrator access.
Select Create Project.

GOOGLECP 1 — Figure: GCP IAM and Admin View

Enter a project name.
Set a project ID using the EDIT button as per your preference.
Select Create.

Step 2: Start OAuth consent settings.

Select - menu icon to right of Google Cloud Platform in upper-left corner.
Select APIs & Services in pop-out menu.
Select OAuth consent screen.
Select Internal.
Select Create button.

Step 3: Fill in OAuth consent screen details.

Step 4: Create OAuth credentials.

Open Credentials tab.
Select OAuth client ID under Create credentials button.
Create OAuth client ID and client secret.

Note: Leave Authorized redirect URIs field as blank, this can be provided once the URI is obtained from F5 Distributed Cloud Console SSO Portal.

Step 5: Copy the generated credentials.

Once credentials are created a Client ID and Client Secret are generated which are required to set SSO. Copy the same to be provided in F5® Distributed Cloud Console.

Step 6: Start SSO setup in the F5 Distributed Cloud Console.

Features can be viewed, and managed in multiple services.

This example shows SSO setup in Administration.

Open F5 Distributed Cloud Console homepage, select Administration box.

Note: Homepage is role based, and your homepage may look different due to your role customization. Select All Services drop-down menu to discover all options. Customize Settings: Administration > Personal Management > My Account > Edit work domain & skills button > Advanced box > check Work Domain boxes > Save changes button.

Note: Confirm Namespace feature is in correct namespace, drop-down selector located in upper-left corner. Not available in all services.

Select Tenant Settings in left column menu > select Tenant Options.

Note: If options are not showing available select Advanced nav options visible Show link in bottom left corner. Select Hide to minimize options from Advanced nav options mode if needed.

Select Set up SSO button.

Select Google in Please choose a service Provider in pop-up window.
Select Continue button.

Step 7: Set the OAuth credentials and hosted domain.

Provide Client ID and Client Secret obtained from step 5.
Enter domain in Hosted Domain box.
Select Continue.

Note: This example uses ves.io as the domain.

SSOSETUP GOOGLE — Figure: Client ID and Client Secret

Note: The Hosted Domain is the domain where your accounts are hosted and only accounts of that domain are listed. You can also enter * for this field to use any hosted account.

Step 8: Copy the redirect URL.