- Get a Google Oauth Client ID and Client secret
- Get A JSON file containing the credentials to a Service Account
- Get an email address for a Domain Administrator in your Google account.
- Upload service account credentials and email address to Otto
- Restart Otto
- Configure Custom OAuth
1. Setup standard Google OAuth
Start by following the FileMaker Server OAuth instructions for Google. Once you have completed those instructions you will be ready to start with the additional setup for Otto.
2. Setup Service Account
The goal here is to get a JSON file containing the credentials for a special Service accounts that will let Otto get the Google Groups that a user is a member of. We do that by setting up the account and then getting the "Keys".
Rename that json file to
google.credentials.json. Save it for step 4.
3. Domain Admin email
This email address is only used in an API call to get the Google Groups that a user is a member of. It is not used for anything else. Put the email address on the first and only line of a text file, named
google.admin.email.txt. Save it for step 4.
4. Upload credentials
Upload the two files from steps 2 and 3 to Otto, using the FileManager.
5. Restart Otto
Restart Otto. You can use the restart button on Otto's home page.
6. Configure custom OAuth
Fill out Custom IdP Authentication Settings
Enable Database Sign In for your custom Identity Provider
Verify your provider