Due to some maintenance issues, this service has been switched in read-only mode, you can find more information about the why

and how to migrate your plugin documentation in this blogpost

Skip to end of metadata
Go to start of metadata

Plugin Information

View Google Login on the plugin site for more information.

Older versions of this plugin may not be safe to use. Please review the following warnings before using an older version:

Google Login Plugin

This is a Jenkins plugin which lets you log in to Jenkins with your Google account. Also allows you to restrict access to accounts in a given Google Apps domain.Refer to the README in the plugin repository

Changelog

Refer to the CHANGELOG in the plugin repository

Issue tracking

Can be found HERE

18 Comments

  1. Unknown User (antoniox)

    i would like to know if its possible after password update on Google acc ... to update it everywhere its configured in Jenkins ... 

    currently i have more than 50 jobs that using it ... doing them 1-by-1 is pretty stupid

  2. Unknown User (lacostej)

    I migrated from OpenID plugin to Google Login plugin today and I had to add this extra step:

    3. Under API & Auths / 'Consent Screen', filled up the data, in particular the email of the user

    If not I got

    Error: invalid_client
    no support email

    from Google when trying to log in. Should I just update the doc and add one step ?

  3. Unknown User (gbeauny)

    Hello, 

    I have an issue with this Plugin, we are disconnected quickly from our session on Jenkins. Is there a way to keep it more longer? 

    Where i can configure it? 

    Thanks. 

  4. Unknown User (gbeauny)

    This plugin will be improved to use the login page of jenkins (jenkin-url/login) ?

    We could choose to be logged since google authentication or the one of jenkins.

  5. Unknown User (gbeauny)

    Also if we are already logged with a google account and if we call the following url : myjenkinsurl/login, we should be redirected to the home page of jenkins when we are already loggued.

  6. Unknown User (mukherjee_mk)

    Can I used this to authenticate my 'Internal' Jenkins environment? I would like the authorized redirect URL to be - 'http://192.168.xx.xxx:xxxx/securityRealm/finishLogin'. Is this even an option?

  7. Unknown User (edwardjameshartnett)

    What do you do with the client-secret.json file?

    Jenkins needs to have this file, but I don't want to check it into github.

  8. Unknown User (beradrian)

    Is the domain verification mandatory?

    If the consent screen is mandatory, then the documentation should be updated.

    I installed this plugin and after restarting Jenkins, the server isn't accessible anymore. Nothing in the logs.

  9. Unknown User (varshneysan)

    Hi,

    I got the issue with latest version of "google login plugin" if case of selecting the domain to login. If we keep this files empty then it's working fine.

    seems older version "1.1" is working fine after giving the domain.

  10. Unknown User (ashokdongare15)

    This plugin allows users from only one domain. We have users from couple of domains accessing jenkins. Is there any way to do this? 

  11. Unknown User (giorgiosironi)

    After setting up the plugin, I logged in on Google's page and got this exception when coming back to Jenkins at http://.../securityRealm/finishLogin:

    https://gist.github.com/anonymous/9f909a39d1d4f07485acfe0215037e02

    What's happening?

    1. Unknown User (chrisleck)

      I'm seeing the same issue and stacktrace.

  12. Unknown User (zanes)

    Is anyone seeing an error when trying to access jenkins and seeing the following 400 error:

    "Invalid parameter value for redirect_uri: Raw IP addresses not allowed: http://xxx.xxx.xxx.171:8080/securityRealm/finishLogin"?

    I'm accessing jenkins using the assigned dns name, but the redirect uses the IP address. Any ideas on how to make the redirect use the dns name?

    1. Unknown User (zanes)

      Issue resolved. Was a problem with my Jenkin's configuration. The Jenkins URL needed to be set to use the domain name. 

      Jenkins -> Manage Jenkins -> Configure System -> Jenkins URL

  13. Unknown User (vfangellation)

    Is it possible to give more details in this documentation in terms of where you fill out the id and secret in Jenkins? I'm assuming start from the front page it's Credentials → System → Domain you created → Add Credentials. And then you select the "Kind" secret text?

     

    From there what else needs to be done. The documentation is really sparse.

    1. Unknown User (vfangellation)

      So after looking at another blog that gives better details, after installing the Google Login Plugin, the credentials you obtain from the Google Developer Console is placed in the following location starting from the front page of your Jenkins → Manage Jenkins → Configure Global Security → Access Control (Security Realm)

       

      The blog says that when you do the switch, any users who login can do anything. But unfortunately it didn't give any details on what to do if you have a bunch of users already setup with the Jenkin's own database or if they still work or not. Will have to test this out in our dev environment.

  14. Unknown User (aleb)

    To create the Client ID, go to https://console.developers.google.com/apis/credentials, select the appropriate Project, click "Create credentials" → OAuth client ID → Web application

  15. Unknown User (ricktbaker)

    This plugin seems to break after some inactivity in Jenkins.  Was working fine, but now when I try to return to Jenkins after the long weekend I get a "Your Jenkins session has expired.  Please login again".  But nothing gives me a login, no matter what I click on, I still can't login.   Tried /logout which says it logs me out, but still get the same error message.   Deleted the oauth permission on google side and then I get the login again to choose my google email to login with, but I still get the same error message.   I have to completely disable security to get logged in.   Should mention that Jenkins is running in Kubernees.