Instruction
Configuratie - Systeem - Oauth providers

This page describes how to register i-Reserve in the Google Cloud Console, so users can sign in to i-Reserve with their Google account (single sign-on, SSO). For the i-Reserve-side setup (adding and activating the provider) see "How do I activate an OAuth provider in i-Reserve?".

Online documentation

Step 1: Choose or create a project

Open the Google Cloud Console and choose an existing project or create a new one.

Step 2: Configure the OAuth consent screen

  • Go to APIs & Services → OAuth consent screen.
  • Choose user type External and fill in the app name, a support email and your authorised domain(s).
  • Add the scopes openid, …/auth/userinfo.email and …/auth/userinfo.profile.
  • Is the app in Testing? Add the test users allowed to sign in, or publish the app.

Step 3: Create an OAuth client ID and set the redirect URI

Go to APIs & Services → Credentials → Create credentials → OAuth client ID and choose application type Web application. Under Authorised redirect URIs enter:

  • Admin login: https://<yourdomain>/adminlogin
  • Customer login: https://<yourdomain>/login

The URI must match exactly what i-Reserve sends, see "What is the redirect URL?".

Step 4: Copy the values into i-Reserve

In i-Reserve go to Configuration → System → Oauth providers, add the Google provider and enter:

Field in i-ReserveValue from Google
Key IdThe Client ID
Key SecretThe Client secret

Google does not use a tenant field. Then switch on active (customer login) and/or active (admin) (admin login) and save.

Common problems

MessageCause and solution
redirect_uri_mismatch (Error 400)The redirect URI is missing, or not exact, on the OAuth client. Register exactly https://<yourdomain>/adminlogin and/or https://<yourdomain>/login.
Access blocked / app not verifiedThe app is in Testing. Add the user as a test user or publish the consent screen.
invalid_clientClient ID or Client secret copied incorrectly. Check the values under Credentials.