This article provides a step-by-step guide on implementing Google Single Sign-On (SSO) using OpenID Connect in iWeb application. It covers steps on creating a Google Developer project, configuring OAuth credentials, and integrating Google SSO in your iWeb application.
This applies to the NetForum iWeb application from version Winter 2025 Release (35) and later.
Prerequisites
- Need admin access on https://admin.google.com/.
- Need admin access on https://console.cloud.google.com/.
- Need to have an Administrator access on NetForum iWeb application and NetForum Cloud Services.
Procedure
Create a Google Developer Project
1. Login to https://admin.google.com and make sure the users are created in the Google Workspace.
2. Sign in to the Google Cloud Console, https://console.cloud.google.com/.
3. In the Google Cloud console, go to the Nav menu > IAM & Admin > Create a Project.
4. On the New Project form, enter the appropriate details as per your association’s need in the Project name, Organization, Location fields and then click the Create button.
5. Select the newly created Project from the top left Dropdown.
6. Once signed in, click the Navigation button and then click the APIs and services menu.
7. From the displayed menu, click the OAuth consent screen option.
8. On the OAuth consent screen page, select the Internal radio button and then click the Create button.
9. On the Edit app registration page, enter all the required information to setup the OAuth consent screen (Step No.1 on the Edit app registration page).
10. Click the Save and Continue button to move to the Step No. 2: Scopes.
11. Click the Add Or Remove Scopes button.
12. On the Update selected scopes form, select all the Scopes listed and then click the Update button.
13. Click the Save and Continue button and review summary. You will be redirected to the Dashboard.
14. In the APIs and services menu, click the Credentials option and then click the Create Credentials tab.
15. From the displayed list, click the OAuth client ID link.
16. Select the Application type as “Web application”.
17. Enter the desired name in the Name field.
18.Add the iWeb URI and append it with /signin-google in the Authorised redirect URIs field e.g. https://localhost/NFE/iWeb/signin-google and then click the Create button.
NOTE: The Authorized redirect URIs is case sensitive.
19. Copy the Client Id and Client secret from the OAuth client created pop up, it will be required to set up in iWeb web.config.
Configure Google SSO Settings in NetForum
1. In the iWeb web.config file, add below app settings to enable Google SSO.
<add key="EnableGoogleSingleSignOn" value="" />
<add key="googleClientId" value="" />
<add key="googleClientSecret" value="" />- The value for EnableGoogleSingleSignOn should be set to “true” to enable Google SSO (it is case sensitive).
- The value for googleClientId will be the Client Id value that you have copied from the Create Credential screen.
- The value for googleClientSecret will be the Client Secret value that you have copied from the Create Credential screen.
2. Uncomment the below lines in iWeb web.config.
<forms loginUrl="~/Auth" defaultUrl="~/startpage.aspx" name=".ASPXAUTH_nfep2017" cookieSameSite="None" requireSSL="true" />
<location path="Auth">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<location path="Auth/Index">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
<location path="signin-google">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
3. Comment the below line in iWeb web.config.
<forms loginUrl="~/login.aspx" defaultUrl="~/startpage.aspx" name=".ASPXAUTH_nfep2017" cookieSameSite="None" requireSSL="true" />
Note: Above changes are done to change the landing page of iWeb from regular login.aspx to Auth controller.
4. Now visit your NetForum iWeb site, and you will notice the "Sign in with Google" label appearing on the landing page of iWeb.