Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.




Info

Before starting, please check in the General Settings the Single Sign-On property has been turned on!


Image Modified

Creating a Google API Console project and client ID


Info

For any additional information please refer to the Official Google Documentation here



  • Create a project if you need


  • Now you can add the credentials to access the APIs, click "Create credentials" and select "OAuth client ID"

  • Configure the consent screen if required


  • Once you complete the consent screen configuration, you can continue to creating credentials


Note

Insert in the authorized URIs field the URI related your Motion server

https://{{MOTION_IP}}/api/auth/google/callback


  • Save and get you client credentials


  • Enable Google People API: browse the APIs libraries and select the Google People API


Motion server configuration

edit the file /var/opt/motion2/server/config/environment/production.js

and replace the following rows:

Code Block
languagejs
google: {
        clientID: process.env.GOOGLE_ID || 'id',
        clientSecret: process.env.GOOGLE_SECRET || 'secret',
        callbackURL: (process.env.DOMAIN || 'https://YOUR_MOTION_IP') + '/api/auth/google/callback'
    }

with the Google application ID, example:

Code Block
languagejs
   google: {
        clientID: process.env.GOOGLE_ID || '1234567890-abcdefghijklmnopqrstuvwxyz.apps.googleusercontent.com',
        clientSecret: process.env.GOOGLE_SECRET || 'abc-123456abcdefghijklmn',
        callbackURL: (process.env.DOMAIN || 'https://pbx2.xcally.com') + '/api/auth/google/callback'
    }


restart the motion service to apply the change

Code Block
su motion
pm2 restart motion2


User authentication

In order to use the Google SSO, the XCALLY users must have the proper Google account set as "email" in the Motion Staff section.

If they are already logged into the Chrome browser, they need just to click on 

Image Modified

Otherwise, Google will ask them the account credentials



Filter by label (Content by label)
showLabelsfalse
max5
spacesXMV
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel in ( "google" , "users" , "web-interface" , "agents" , "sso" ) and type = "page" and space = "XMV"
labelsGoogle SSO web-interface agents users

Page Properties
hiddentrue


Related issues