Configure SSO with OIDC
Deeploy supports SSO with OIDC for Google, Microsoft and Okta.
OpenID Connect with Google
To set up OpenID Connect for Google, follow these steps:
- Go to APIs and services → credentials → create credentials → oauth client id
- Set up a consent screen using the following scopes:
/auth/userinfo.email/auth/userinfo.profile
- Add a web platform and use
https://api.<HOST>/auth/self-service/methods/oidc/callback/googleas the allowed redirect URI
Users are allowed to register based on their Google Account domain and cannot be restricted individually. To restrict users from access within Deeploy, you can use manage users in the admin panel or on workspace level
Check the Google documentation for more detailed information.
Check here to see which values Deeploy expects.
OpenID Connect with Microsoft
To set up OpenID Connect for Microsoft, follow these steps:
- Create a new App Registration
- Use the generated application ID as your
clientId - Within the App Registration, go to manage → authentication → add a platform
- Add a web platform and use
https://api.<HOST>/auth/self-service/methods/oidc/callback/microsoftas the allowed redirect URI - Within the App Registration, go to manage → certificates & secrets → new client secret
- Use this generated secret as your
clientSecret
To restrict or allow access to users, you could:
- Go to the generated Enterprise Application
- Manage users in the users and groups tab
Check the Microsoft documentation for more detailed information.
Check here to see which values Deeploy expects.
OpenID Connect with Okta
Check the Okta documentation for detailed information on how to register Deeploy with Okta for OIDC authentication. Check here to see which values Deeploy expects.