Google authentication
Note: This feature is available in Enterprise, AWS, Team editions only.
Table of contents
Google configuration
Enabling Google authentication
Go to the Administration menu and enable Google in the Server configuration tab.
Configuring identity provider
- Go to the Identity Providers tab and create a new configuration using the OpenID details.
Client ID - Client ID from your Google OAuth 2.0 application
Client Secret - Client Secret from your Google OAuth 2.0 application
Configuring Google OAuth 2.0 application
Open identity provider in CloudBeaver, copy Redirect url
, and set up redirect in Google application
Testing Google authentication
The new Federated tab becomes available after creating the configuration in the CloudBeaver authentication dialog. The user can select the configuration and thereafter login into the application using Google SSO.
GCP configuration
In the CloudBeaver, it's possible to view and work with databases hosted in GCP, without the need to manually configure each connection to the database. To do this, you need to configure the integration of Google Identity provider with GCP.
Enable GCP Services
Go to the Administration menu and enable GCP services in the Server configuration tab.
Add custom scopes to the Google Identity Provider
- Go to the Identity Providers tab and open your existing Google provider.
- Enable
Add custom scopes
checkbox - this will allow you to specify additional scopes for your identity provider, and expand its capabilities - Specify the following scopes:
https://www.googleapis.com/auth/spanner.admin;https://www.googleapis.com/auth/bigquery;https://www.googleapis.com/auth/cloud-platform;https://www.googleapis.com/auth/devstorage.full_control
Scope | Description |
---|---|
https://www.googleapis.com/auth/spanner.admin | Allow to administrate Spanner databases |
https://www.googleapis.com/auth/bigquery | Allow to view and manage your data in Google BigQuery |
https://www.googleapis.com/auth/cloud-platform| Gives access to the GCP and is needed to read a list of databases | |
https://www.googleapis.com/auth/devstorage.full_control | Allow to manage BigQuery data |
Testing
After setting up the provider, you need to re-login. Now you can open Cloud connections
in the connection creation menu, if everything is configured correctly - you will see your project and databases in it