I'm unable to customize the authorisation callback URL to my custom domain when adding a new SAML provider in Google Cloud Identity platform. I took the following steps: I successfully connected my domain via the firebase console : the status says 'Connected', and the SSL certificate has been provisioned. In Identity Platform, I added my custom domain to the authorized domains on the project level. I'm trying to add a SAML provider for a tenant. I cannot edit the callback url in the cloud console. Also, when adding the provider with a custom url via a client SDK, the provider is created, but again with the default url. Any pointers? From the documentation:

firebasegoogle-cloud-platformsamlgoogle-cloud-identity

Reputation: 7129

Unable to customize authorisation callback URL for SAML provider after connecting custom domain

I'm unable to customize the authorisation callback URL to my custom domain when adding a new SAML provider in Google Cloud Identity platform. I took the following steps:

I successfully connected my domain via the firebase console: the status says 'Connected', and the SSL certificate has been provisioned.
In Identity Platform, I added my custom domain to the authorized domains on the project level.
I'm trying to add a SAML provider for a tenant.

I cannot edit the callback url in the cloud console. Also, when adding the provider with a custom url via a client SDK, the provider is created, but again with the default url.

Any pointers?

From the documentation:

Upvotes: 1

Answers (2)

Kwame Opare Asiedu

Reputation: 2355

I tried @Puteri's answer, but got access-blocked when the authentication popup appeared. The documentation is not wrong, it just doesn't indicate where to update the callback URI.

To update the callback URI:

Visit your Firebase project in the Google Cloud Platform
Navigate to APIs & Services > Credentials
Under the "OAuth 2.0 Client IDs", you'll see an entry auto-created by Google service.
Click on the "Web client" entry to scroll all the way down to see the authorized callback section. Here, you can add the authorized callback for your custom domain

EDIT

Be sure to also add the domain name to the Authorized Javascript origins section

Upvotes: 1

Puteri

Reputation: 3789

This is expected.

The real issue is that the docs give the understanding of changing the callback URL in the console but you should change the authDomain in your code rather than in the GCP console and when making the request, you will see the callback URL using your custom domain.

For example, if in your code you have:

const config = {
  apiKey: "dsfdsDSSDDSFSDfsdf5ds14f5s",
  authDomain: "PROJECT_ID.firebaseapp.com",
};

You only have to change the authDomain for example to:

const config = {
  apiKey: "dsfdsDSSDDSFSDfsdf5ds14f5s",
  authDomain: "login.mydomain.com",
};

The only condition to make this work is that the domain you want to use is in the Authorized domains.

Upvotes: 4

Unable to customize authorisation callback URL for SAML provider after connecting custom domain

Answers (2)

Related Questions