How To: Add Google Sign In (Identity Provider) Services to Virtuoso's Authentication Layer (VAL)

Here are the steps for integrating Google’s Identity Provider Services into VAL, i.e., adding Google’s OpenID Connect compliant Identity Provider (IdP) functionality as one of the IdP options exposed via VAL.

Conceptually, the process is as follows:

  1. Register your VAL-enabled Virtuoso instance as an Application (the Relying Party) with Google’s Identity Provider Services.
  2. Add Google’s Identity Provider to the collection of IdPs registered with your VAL-enabled Virtuoso instance.

Application (Relying Party) Registration Related Steps

  1. Register an Application with Google via Google Cloud (you must have a Google Cloud account)
  2. Register your Application, which includes naming it and setting up a Callback URL
  3. Generate a Shared Secret (Private Key) for your App

At this juncture you have an App ID and its associated Shared Secret in place.

VAL Setup Steps

This is achieved via the Conductor or the OAuth IdP Admin UI (https://{your-instance-cname}/oauth/admin.vsp).

Irrespective of interface, the steps for registering a new Custom IdP are as follows:

  1. Go to https://{cname}/oauth/admin.vsp

  2. Click on the “Add OAuth API Keys” button, then uncheck the “custom provider” checkbox, because VAL includes an OAuth Provider Template for Google

  3. Fill in the Application ID and Shared Secret

  4. Save

  5. Test VAL authentication via the SPARQL endpoint or other services that use VAL for authentication

Here is a screencast demonstrating VAL using OpenID Connect for loosely-coupled interaction with OAuth Identity Providers.
