Menu
Google; About Google; Privacy; Terms. Note: You can find many free Google Docs resume templates and other Google Docs templates for free in the Google Docs Template Gallery. Show your personality and creative side using the following free resume templates Google Docs: 1. This free Google Docs resume template is highly recommended for entry-level applicants. If you turn sync on in Chrome, you’ll stay signed into the Google Account you’re syncing to in order to delete your data across all your devices. Some sites can seem slower because content, like images, needs to load again. How cache & cookies work. Cookies are files created by sites you visit.
-->Step 2: Configure Google federation in Azure AD. You'll now set the Google client ID and client secret. You can use the Azure portal or PowerShell to do so. Be sure to test your Google federation configuration by inviting yourself. Use a Gmail address and try to redeem the invitation with your invited Google account. Google Earth 4.2 came with a nifty Easter egg: a hidden flight simulator. You could fly your virtual airplane from several airports or start midair from any location. The feature was so popular that it was incorporated as a standard function of Google Earth and Google Earth Pro. No unlocking necessary.
By setting up federation with Google, you can allow invited users to sign in to your shared apps and resources with their own Gmail accounts, without having to create Microsoft accounts.
After you've added Google as one of your application's sign-in options, on the Sign in page, a user can simply enter the email they use to sign in to Google, or they can select Sign-in options and choose Sign in with Google. In either case, they'll be redirected to the Google sign-in page for authentication.
Note
Google federation is designed specifically for Gmail users. To federate with G Suite domains, use direct federation.
Important
Starting January 4, 2021, Google is deprecating WebView sign-in support. If you’re using Google federation or self-service sign-up with Gmail, you should test your line-of-business native applications for compatibility.
What is the experience for the Google user?
When a Google user redeems your invitation, their experience varies depending on whether they're already signed in to Google:
- Guest users who aren't signed in to Google will be prompted to do so.
- Guest users who are already signed in to Google will be prompted to choose the account they want to use. They must choose the account you used to invite them.
Guest users who see a 'header too long' error can clear their cookies or open a private or incognito window and try to sign in again.
Sign-in endpoints
Google guest users can now sign in to your multi-tenant or Microsoft first-party apps by using a common endpoint (in other words, a general app URL that doesn't include your tenant context). During the sign-in process, the guest user chooses Sign-in options, and then selects Sign in to an organization. The user then types the name of your organization and continues signing in using their Google credentials.
Google guest users can also use application endpoints that include your tenant information, for example:
https://myapps.microsoft.com/?tenantid=<your tenant ID>
https://myapps.microsoft.com/<your verified domain>.onmicrosoft.com
https://portal.azure.com/<your tenant ID>
You can also give Google guest users a direct link to an application or resource by including your tenant information, for example
https://myapps.microsoft.com/signin/Twitter/<application ID?tenantId=<your tenant ID>
.Deprecation of WebView sign-in support
Starting January 4, 2021, Google is deprecating embedded WebView sign-in support. If you’re using Google federation or self-service sign-up with Gmail, you should test your line-of-business native applications for compatibility. If your apps include WebView content that requires authentication, Google Gmail users won't be able to authenticate. The following are known scenarios that will impact Gmail users:
- Windows apps that use embedded WebView or the WebAccountManager (WAM) on older versions of Windows.
- Other native apps you’ve developed that use an embedded browser framework for authentication.
This change does not affect:
- Windows apps that use embedded WebView or the WebAccountManager (WAM) on the latest versions of Windows
- Microsoft iOS apps
- G Suite identities, for example when you’re using SAML-based direct federation with G Suite
We’re continuing to test various platforms and scenarios, and will update this article accordingly.
To test your apps for compatibility
- Follow Google’s guidance to determine if your apps are affected.
- Using Fiddler or another testing tool, inject a header during sign-in and use a Google external identity to test sign-in:
- Add Google-Accounts-Check-OAuth-Login:true to your HTTP request headers when the requests are sent to accounts.google.com.
- Attempt to sign in to the app by entering a Gmail address in the accounts.google.com sign-in page.
- If sign-in fails and you see an error such as “This browser or app may not be secure,” your Google external identities will be blocked from signing in.
- Resolve the issue by doing one of the following:
- If your Windows app uses embedded WebView or the WebAccountManager (WAM) on an older version of Windows, update to the latest version of Windows.
- Modify your apps to use the system browser for sign-in. For details, see Embedded vs System Web UI in the MSAL.NET documentation.
Step 1: Configure a Google developer project
First, create a new project in the Google Developers Console to obtain a client ID and a client secret that you can later add to Azure Active Directory (Azure AD).
- Go to the Google APIs at https://console.developers.google.com, and sign in with your Google account. We recommend that you use a shared team Google account.
- Accept the terms of service if you're prompted to do so.
- Create a new project: In the upper-left corner of the page, select the project list, and then on the Select a project page, select New Project.
- On the New Project page, give the project a name (for example, Azure AD B2B), and then select Create:
- On the APIs & Services page, select View under your new project.
- Select Go to APIs overview on the APIs card. Select OAuth consent screen.
- Select External, and then select Create.
- On the OAuth consent screen, enter an Application name:
- Scroll to the Authorized domains section and enter microsoftonline.com:
- Select Save.
- Select Credentials. On the Create credentials menu, select OAuth client ID:
- Under Application type, select Web application. Give the application a suitable name, like Azure AD B2B. Under Authorized redirect URIs, enter the following URIs:
https://login.microsoftonline.com
https://login.microsoftonline.com/te/<tenant ID>/oauth2/authresp
(where<tenant ID>
is your tenant ID)
NoteTo find your tenant ID, go to the Azure portal. Under Azure Active Directory, select Properties and copy the Tenant ID. - Select Create. Copy the client ID and client secret. You'll use them when you add the identity provider in the Azure portal.
Step 2: Configure Google federation in Azure AD
You'll now set the Google client ID and client secret. You can use the Azure portal or PowerShell to do so. Be sure to test your Google federation configuration by inviting yourself. Use a Gmail address and try to redeem the invitation with your invited Google account.
To configure Google federation in the Azure portal
- Go to the Azure portal. On the left pane, select Azure Active Directory.
- Select External Identities.
- Select All identity providers, and then select the Google button.
- Enter the client ID and client secret you obtained earlier. Select Save:
To configure Google federation by using PowerShell
- Install the latest version of the Azure AD PowerShell for Graph module (AzureADPreview).
- Run this command:
Connect-AzureAD
- At the sign-in prompt, sign in with the managed Global Administrator account.
- Run the following command:
New-AzureADMSIdentityProvider -Type Google -Name Google -ClientId <client ID> -ClientSecret <client secret>
NoteUse the client ID and client secret from the app you created in 'Step 1: Configure a Google developer project.' For more information, see New-AzureADMSIdentityProvider.
How do I remove Google federation?
You can delete your Google federation setup. If you do so, Google guest users who have already redeemed their invitation won't be able to sign in. But you can give them access to your resources again by deleting them from the directory and reinviting them.
To delete Google federation in the Azure AD portal
- Go to the Azure portal. On the left pane, select Azure Active Directory.
- Select External Identities.
- Select All identity providers.
- On the Google line, select the ellipsis button (..) and then select Delete.
- Select Yes to confirm the deletion.
Google Docs Fast & Furious 6
To delete Google federation by using PowerShell
- Install the latest version of the Azure AD PowerShell for Graph module (AzureADPreview).
- File stream google. Run
Connect-AzureAD
. - In the sign-in prompt, sign in with the managed Global Administrator account.
- Enter the following command:
Remove-AzureADMSIdentityProvider -Id Google-OAUTH
NoteFor more information, see Remove-AzureADMSIdentityProvider.
Complete the steps described in the rest of this page to create a simple Node.jscommand-line application that makes requests to the Google Docs API.
Prerequisites
To run this quickstart, you need the following prerequisites:
- Node.js & npm installed.
- A Google account
Step 1: Turn on the Google Docs API
Click this button to create a new Cloud Platform project and automaticallyenable the Google Docs API:
In resulting dialog click ![Google Google](https://linuxundich.de/wp-content/uploads/2012/04/google-drive-linux-1021x580.png)
credentials.json
to your working directory.Step 2: Install the client library
Run the following commands to install the libraries using npm:
Step 3: Set up the sample
Create a file named
index.js
in your working directory and copy inthe following code:Step 4: Run the sample
Run the sample using the following command:
The first time you run the sample, it will prompt you to authorize access:
- Browse to the provided URL in your web browser.If you are not already logged into your Google account, you will beprompted to log in. If you are logged into multiple Google accounts, youwill be asked to select one account to use for the authorization.If you don't have a browser on the machine running the code, and you'veselected 'Desktop app' when creating the OAuth client, you can browse to theURL provided on another machine, and then copy the authorization code back tothe running sample.
- Click the Accept button.
- Copy the code you're given, paste it into the command-line prompt, and pressEnter.
Notes
- Authorization information is stored on the file system, so subsequentexecutions will not prompt for authorization.
- The authorization flow in this example is designed for a command lineapplication. For information on how to perform authorization in other contexts,see theAuthorizing and Authenticating.section of the library's README.
Further reading
Google Docs Sign In
Troubleshooting
This section describes some common issues that you may encounter whileattempting to run this quickstart and suggests possible solutions.
This app isn't verified.
The OAuth consent screen that is presented to the user may show the warning'This app isn't verified' if it is requesting scopes that provide access tosensitive user data. These applications must eventually go through theverification process toremove that warning and other limitations. During the development phase you cancontinue past this warning by clickingAdvanced > Go to {Project Name} (unsafe).