-
Notifications
You must be signed in to change notification settings - Fork 21.8k
Expand file tree
/
Copy pathauthentication-google.yml
More file actions
73 lines (64 loc) · 3.83 KB
/
authentication-google.yml
File metadata and controls
73 lines (64 loc) · 3.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
### YamlMime:HowTo
metadata:
title: Enable authentication and authorization in Azure Container Apps with Google
description: Learn to use the built-in Google authentication provider in Azure Container Apps.
author: craigshoemaker
ms.author: cshoe
ms.date: 03/23/2026
ms.service: azure-container-apps
ms.topic: how-to
ms.custom:
- ge-structured-content-pilot
title: |
Enable authentication and authorization in Azure Container Apps with Google
introduction: |
This article shows you how to configure Azure Container Apps to use Google as an authentication provider.
To complete the following procedure, you must have a Google account that has a verified email address. To create a new Google account, go to [accounts.google.com](https://go.microsoft.com/fwlink/p/?LinkId=268302).
procedureSection:
- title: |
Register your application with Google
summary: |
Follow these steps:
steps:
- |
Follow the Google documentation at [Google Sign-In for server-side apps](https://developers.google.com/identity/sign-in/web/server-side-flow) to create a client ID and client secret. There's no need to make any code changes. Just use the following information:
- For **Authorized JavaScript Origins**, use `https://<hostname>.azurecontainerapps.io` with the name of your app in *\<hostname>*.
- For **Authorized Redirect URI**, use `https://<hostname>.azurecontainerapps.io/.auth/login/google/callback`.
- |
Copy the App ID and the App secret values.
> [!IMPORTANT]
> The App secret is an important security credential. Do not share this secret with anyone or distribute it within a client application.
- title: |
Add Google information to your application
summary: |
Follow these steps:
steps:
- |
Sign in to the [Azure portal](https://portal.azure.com/) and navigate to your app.
- |
Select **Authentication** in the menu on the left. Select **Add identity provider**.
- |
Select **Google** in the identity provider dropdown. Paste in the App ID and App Secret values that you obtained previously.
The secret will be stored as a [secret](manage-secrets.md) in your container app.
- |
If you're configuring the first identity provider for this application, you're prompted with a **Container Apps authentication settings** section. Otherwise, you may move on to the next step.
These options determine how your application responds to unauthenticated requests. The default selections redirect all requests to sign in with this new provider. You can change or customize this behavior now or adjust these settings later from the main **Authentication** screen by choosing **Edit** next to **Authentication settings**. To learn more about these options, see [Authentication flow](authentication.md#authentication-flow).
- |
Select **Add**.
> [!NOTE]
> For adding scope: You can define what permissions your application has in the provider's registration portal. The app can request scopes at login time which leverage these permissions.
You're now ready to use Google for authentication in your app. The provider will be listed on the **Authentication** screen. From there, you can edit or delete this provider configuration.
- title: |
Working with authenticated users
summary: |
Use the following guides for details on working with authenticated users.
steps:
- |
[Customize sign-in and sign-out](authentication.md#customize-sign-in-and-sign-out)
- |
[Access user claims in application code](authentication.md#access-user-claims-in-application-code)
relatedContent:
- text: Authentication and authorization overview
url: authentication.md
#<!-- URLs. -->
# [Azure portal]: https://portal.azure.com/