Skip to main content
Post a question

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id : N4naEc3WIhdHk1ba3X848V
Dynamics 365 Community / Blogs / Microsoft Dynamics 365 Portals Support Blog / Portal Authentication, Part...

Portal Authentication, Part 2: OpenID Authentication with Google

Red Hodgerson Profile Picture Red Hodgerson
26 Jul 2017

Edited on 7/31/2019 : Added 'Scope' Site Setting .  It worked without the setting, but would not auto populate email address and name in new user profiles. Also, this entire setup (while still working at the moment) is deprecated in favor of using Azure AD B2C. You can find the setup for that at https://docs.microsoft.com/en-us/dynamics365/customer-engagement/portals/azure-ad-b2c and https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-goog-app 

 

This is the second in a series of blogs demonstrating the different authentication methods that can be used with your Portal. 

 

Introduction

Users to your Portal will likely accounts created on many different platforms and in this series, we will go over the authentication options you have available with Portals and the different methods to configure them.  In this part of the series we will focus on configuring the bare minimum to use Google OpenID Connect authentication with a v9.x Portal. 

Note: This post assumes you already have a Dynamics 365 for Customer Engagement instance and a v9.x Portal configured and working properly already and that you are an System Admin in the D365 instance.  

 

1.    Go to https://console.developers.google.com  and log in with a Google account (Create one at https://accounts.google.com/SignUp if needed)

2.    Select the Select a Project dropdown to the left of the search box search box.

 

image001.png

 

3.    Click "+".

image002.png

 

4.    Name your project anything you want and click Create

 image003.png

 

5.    Select the Select a Project dropdown to the left of the search box search box again.

 

6.    Pick the project you just created and click "OPEN".

 

7.    On left, click "Credentials".

 

image004.png

 

8.    Click "Create Credentials" and choose "OAuth client ID"

 

image005.png

 

 

9.    Click "Configure consent screen"

 

10.  Add a "Product name shown to users" click Save.

 

image006.png

 

11.  Choose Web application and click Create.

 

image007.png

 

12.  Set "Authorized redirect URIs" to "https://<your full portal domain>/signin-google" and click Create.

a.       Save your client ID and client secret somewhere safe, you’ll need these for the Portal configuration.

13.  Go to your Dynamics 365 for Customer Engagement instance (https://<your instance >.crm.dynamics.com/).

14.  Go to Portals->Site Settings  and add  and save the following:

a.       Name: “Authentication/OpenIdConnect/Google/Authority”

i.      Value: “https://accounts.google.com” (It’s important here you don’t add an extra “/” on the end of this URL)

b.       Name: “Authentication/OpenIdConnect/Google/ClientId”

i.      Value: “<client ID from step 12>”

c.       Name: “Authentication/OpenIdConnect/Google/ClientSecret”

i.      Value: “<client secret from step 12>”

d.       Name: “Authentication/OpenIdConnect/Google/RedirectUri”

i.      Value: “https://<your full portal domain>/signin-google"”

e. Name: “Authentication/OpenIdConnect/Google/Scope”

i. Value: “openid email profile”

15.  Wait for the cache refresh to update your live Portal settings.  You’ll now see “Google” under “Sign in with an external account”, and it’s available to be used!

Comments

*This post is locked for comments