IMPORTANT! Because of the technical knowledge required, your district’s IT administrator (or someone with a similar role) will most likely need to perform this procedure.
There are (4) steps that must be performed to utilize Google SSO:
1. Create a new Service Account within the Google API Console
2. Enable Domain-Wide Delegation to the new Service Account
3. Install the JSON file within ML Binders
4. Import Google Users into ML Binders via Google Groups
Step 1: Create a New Service Account within the Google API Console
1. Visit Google API Console → https://console.developers.google.com
2. Select the New Project button
3. Name the project MasterLibrary SSO
4. Select the Create button
5. Select the newly created project from the Select a project dropdown at the top of the page.
6. Select the Library menu item on the left side of the page.
7. On the “Search for APIs & Services” box, type Admin SDK.
8. Select Admin SDK from the results.
9. Select the ENABLE button.
10. Click on the navigation menu icon (three horizontal lines) at the top left corner, and select APIs & Services → Credentials
11. Select + CREATE CREDENTIALS
12. Select Service Account
13. Type in the Service Account name and optionally service account description.
14. Select the CREATE button.
15. Select the CONTINUE button.
16. Select the DONE button.
17. Click on the Email link
18. Select the ADD KEY button and then select Create new key.
19. A pop window will appear. Ensure that the JSON option button is selected (this button is already selected as a default option).
20. Select the CREATE button
21. A JSON file will be downloaded and saved to your computer. Select the Close button.
22. Select the SAVE button.
Step 2: Domain-wide delegation to the Service Account.
1. Open a new browser window and enter https://admin.google.com/ac/owl
Note : A user with Google super administrator role is required to perform this task.
2. Select MANAGE DOMAIN WIDE DELEGATION
3. Select the Add new button
4. Open the JSON file that was downloaded
5. Copy the number corresponding to the “client_id”
6. In the popup window, paste the Client ID number and enter the following scopes on each line.
https://www.googleapis.com/auth/admin.directory.group.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly
https://www.googleapis.com/auth/admin.directory.user.readonly
7. Select the AUTHORIZE button.
Step 3: Install the JSON file within ML Binders
1. Within ML Binders go to Settings > Single Sign On > Google SSO Admin
2. Enter the email address for a Google Domain Super Administrator
3. Upload the JSON file that was downloaded in the previous step.
4. Select the Save button
Step 4: Import Users via Google Groups
1. Within ML Binders go to Settings > Single Sign On > Google SSO Groups
2. Select the Add Google SSO Group button
3. Enter the Group Name and Group Email Address (Selecting the View Google Users button will show the users within that Group)
4. Select the Active checkbox.
5. Select the Save and Sync Users button.
6. Repeat Steps 2-7 for any additional Google Groups you would like to sync to ML Binders..
Comments
0 comments
Please sign in to leave a comment.