Skip to end of metadata
Go to start of metadata

Plugin Information

View Google Login on the plugin site for more information.

Older versions of this plugin may not be safe to use. Please review the following warnings before using an older version:

Google Login Plugin

This is a Jenkins plugin which lets you log in to Jenkins with your Google account. Also allows you to restrict access to accounts in a given Google Apps domain.Refer to the README in the plugin repository

Changelog

Refer to the CHANGELOG in the plugin repository

Issue tracking

Can be found HERE

18 Comments

  1. i would like to know if its possible after password update on Google acc ... to update it everywhere its configured in Jenkins ... 

    currently i have more than 50 jobs that using it ... doing them 1-by-1 is pretty stupid

  2. I migrated from OpenID plugin to Google Login plugin today and I had to add this extra step:

    3. Under API & Auths / 'Consent Screen', filled up the data, in particular the email of the user

    If not I got

    Error: invalid_client
    no support email

    from Google when trying to log in. Should I just update the doc and add one step ?

  3. Hello, 

    I have an issue with this Plugin, we are disconnected quickly from our session on Jenkins. Is there a way to keep it more longer? 

    Where i can configure it? 

    Thanks. 

  4. This plugin will be improved to use the login page of jenkins (jenkin-url/login) ?

    We could choose to be logged since google authentication or the one of jenkins.

  5. Also if we are already logged with a google account and if we call the following url : myjenkinsurl/login, we should be redirected to the home page of jenkins when we are already loggued.

  6. Can I used this to authenticate my 'Internal' Jenkins environment? I would like the authorized redirect URL to be - 'http://192.168.xx.xxx:xxxx/securityRealm/finishLogin'. Is this even an option?

  7. What do you do with the client-secret.json file?

    Jenkins needs to have this file, but I don't want to check it into github.

  8. Is the domain verification mandatory?

    If the consent screen is mandatory, then the documentation should be updated.

    I installed this plugin and after restarting Jenkins, the server isn't accessible anymore. Nothing in the logs.

  9. Hi,

    I got the issue with latest version of "google login plugin" if case of selecting the domain to login. If we keep this files empty then it's working fine.

    seems older version "1.1" is working fine after giving the domain.

  10. This plugin allows users from only one domain. We have users from couple of domains accessing jenkins. Is there any way to do this? 

  11. After setting up the plugin, I logged in on Google's page and got this exception when coming back to Jenkins at http://.../securityRealm/finishLogin:

    https://gist.github.com/anonymous/9f909a39d1d4f07485acfe0215037e02

    What's happening?

    1. I'm seeing the same issue and stacktrace.

  12. Is anyone seeing an error when trying to access jenkins and seeing the following 400 error:

    "Invalid parameter value for redirect_uri: Raw IP addresses not allowed: http://xxx.xxx.xxx.171:8080/securityRealm/finishLogin"?

    I'm accessing jenkins using the assigned dns name, but the redirect uses the IP address. Any ideas on how to make the redirect use the dns name?

    1. Issue resolved. Was a problem with my Jenkin's configuration. The Jenkins URL needed to be set to use the domain name. 

      Jenkins -> Manage Jenkins -> Configure System -> Jenkins URL

  13. Is it possible to give more details in this documentation in terms of where you fill out the id and secret in Jenkins? I'm assuming start from the front page it's Credentials → System → Domain you created → Add Credentials. And then you select the "Kind" secret text?

     

    From there what else needs to be done. The documentation is really sparse.

    1. So after looking at another blog that gives better details, after installing the Google Login Plugin, the credentials you obtain from the Google Developer Console is placed in the following location starting from the front page of your Jenkins → Manage Jenkins → Configure Global Security → Access Control (Security Realm)

       

      The blog says that when you do the switch, any users who login can do anything. But unfortunately it didn't give any details on what to do if you have a bunch of users already setup with the Jenkin's own database or if they still work or not. Will have to test this out in our dev environment.

  14. To create the Client ID, go to https://console.developers.google.com/apis/credentials, select the appropriate Project, click "Create credentials" → OAuth client ID → Web application

  15. This plugin seems to break after some inactivity in Jenkins.  Was working fine, but now when I try to return to Jenkins after the long weekend I get a "Your Jenkins session has expired.  Please login again".  But nothing gives me a login, no matter what I click on, I still can't login.   Tried /logout which says it logs me out, but still get the same error message.   Deleted the oauth permission on google side and then I get the login again to choose my google email to login with, but I still get the same error message.   I have to completely disable security to get logged in.   Should mention that Jenkins is running in Kubernees.