CloudBeaver Documentation

DOWNLOAD pdf

Google authentication

Note: This feature is available in Enterprise, AWS, Team editions only.

Google configuration

Enabling Google authentication

Go to the Administration menu and enable Google in the Server configuration tab. image

Configuring identity provider

  1. Go to the Identity Providers tab and create a new configuration using the OpenID details. image

Client ID - Client ID from your Google OAuth 2.0 application

Client Secret - Client Secret from your Google OAuth 2.0 application

Configuring Google OAuth 2.0 application

Open identity provider in CloudBeaver, copy Redirect url, and set up redirect in Google application

Testing Google authentication

The new Federated tab becomes available after creating the configuration in the CloudBeaver authentication dialog. The user can select the configuration and thereafter login into the application using Google SSO.

image

GCP configuration

In the CloudBeaver, it's possible to view and work with databases hosted in GCP, without the need to manually configure each connection to the database. To do this, you need to configure the integration of Google Identity provider with GCP.

Enable GCP Services

Go to the Administration menu and enable GCP services in the Server configuration tab. image

Add custom scopes to the Google Identity Provider

  • Go to the Identity Providers tab and open your existing Google provider.
  • Enable Add custom scopes checkbox - this will allow you to specify additional scopes for your identity provider, and expand its capabilities
  • Specify the following scopes:
https://www.googleapis.com/auth/spanner.admin;https://www.googleapis.com/auth/bigquery;https://www.googleapis.com/auth/cloud-platform;https://www.googleapis.com/auth/devstorage.full_control
Scope Description
https://www.googleapis.com/auth/spanner.admin Allow to administrate Spanner databases
https://www.googleapis.com/auth/bigquery Allow to view and manage your data in Google BigQuery
https://www.googleapis.com/auth/cloud-platform| Gives access to the GCP and is needed to read a list of databases
https://www.googleapis.com/auth/devstorage.full_control Allow to manage BigQuery data

image

Testing

After setting up the provider, you need to re-login. Now you can open Cloud connections in the connection creation menu, if everything is configured correctly - you will see your project and databases in it image