Google Identity Platform 3rd party access?

Question

My question is how a 3rd party developer would login users through my Identity Platform? I looked at the documentation but found nothing.

Essentially I want to use Identity Platform as an OIDC Provider, but I don't know if that's supported.

Answer 1

Cloud Identity Platform is based on Firebase Auth product (literally because the documentation and the Javascript to add are still in Firebase perimeter!).

This product allows you to delegate the authentication to a third party, either Firebase auth if you use login/password authentication, or to connect Identity Provider (IdP).

There is several built in IdP like Google, LinkedIn, Facebook, Twitter,... and you can add custom Auth0 provider (SAML) and OAuth2 provider (OIDC).

The platform only allow you to perform an authentication and then redirect the user to YOUR app. Then, it's to YOUR app to ensure the correct authorisations and roles of the user.

All of this for saying to you:

• Think about firebase Auth feature: originally, it has been designed to authenticate user that wants to connect to Mobile App, on Android. Today it's the same thing but, in addition, for your web app
• It's designed for YOUR application with YOUR roles and authorisations. By the way, if your target is to allow your 3rd party developers to log into Google Cloud console thanks to this authentication mode, it's not possible.

But, stay tuned, awesome things are coming soon on this field

Answer 2

John is right, more details would help. But if I had to guess you are referring to the fact that Google Cloud Platform IAM does not handle Identity part only authorisation. You could, however use G Suite or Google Directory Sync (which can integrate with LDAP server or Active Directory.

You can refer to the link below which shows you how you can integrate with OIDC:

https://cloud.google.com/solutions/authenticating-corporate-users-in-a-hybrid-environment