Admin Google SSO

Admin Google SSO

This Magento 2 module allows you to sign in to your admin user account using your Google account. You can also configure to have admin accounts created automatically when someone logs in with their Google account.

Setting up your OAuth credentials:-

Install Google SSO library using following composer command: php -dmemory_limit=4G /usr/bin/composer require league/oauth2-google

Visit the Google Developer Console to create your OAuth credentials.

Visit the "Credentials" section
Click "Create credentials" 
Choose "OAuth Client ID" 
Choose the "Web application" application type.
When asked for "Authorized Redirect URIs", enter the URL given below, substituting with your Magento 2 administrator page.

Redirect URI:

After you set up your OAuth 2 credentials, login to your Magento backend and navigate to Stores > Configuration > Advanced > Admin > Google SSO.

Change the module's status to "Enabled".
Enter the Client ID you created in the Google Developer Console.
Enter the Client Secret you created in the Google Developer Console.
Click Save

After your configuration saves, clear your store’s cache if necessary. The next time you visit the Magento 2 backend login page, you should see a button to Sign in with Google. Auto Registration

You can enable “Auto Registration” which allows users with access to certain Google accounts to automatically have admin accounts created for them. This is especially useful for agencies who have multiple employees logging into a client’s admin.

You have the following available filter options:

Only allowing specific e-mails
Allowing any e-mails in a domain
Allowing any e-mails that match a regular expression

Disabling password authentication

You can disable the ability for a user to login to their admin account using a password automatically if they are registered using Google SSO by toggling the setting “Allow Auto-Registered Users To Use Password Login”. This is especially useful if you are in an work environment where when an employee loses their work e-mail, they should no longer be allowed to access client admin accounts.

This can also be toggled on a per-user basis, even if the user was not originally created using the auto-register feature.


Tell us what you think!

We'd like to ask you a few questions to help improve CodeCanyon.

Sure, take me to the survey