--- title: Create Identity Provider (Google) description: "Before you can use Google as an external identity provider, you must register your application with Google and activate the People API in the Google API Console. For additional information, refer to the following topic in the Google API documentation: Get Ready to Use the People API. To get started, follow the instructions provided in the Google API Console: Google API Console." component: pingone-api page_id: pingone-api:platform:identity-provider-management/identity-providers/create-identity-provider-google canonical_url: https://developer.pingidentity.com/pingone-api/platform/identity-provider-management/identity-providers/create-identity-provider-google.html section_ids: prerequisites: Prerequisites headers: Headers body: Body example-request: Example Request example-response: Example Response --- # Create Identity Provider (Google) ## ```none POST {{apiPath}}/v1/environments/{{envID}}/identityProviders ``` | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | Before you can use Google as an external identity provider, you must register your application with Google and activate the People API in the Google API Console. For additional information, refer to the following topic in the Google API documentation: [Get Ready to Use the People API](https://developers.google.com/people/v1/getting-started). To get started, follow the instructions provided in the Google API Console: [Google API Console](https://console.developers.google.com/flows/enableapi?apiid=people.googleapis.com\&credential=client_key). | The `POST {{apiPath}}/v1/environments/{{envID}}/identityProviders` operation adds a new identity provider resource to the specified environment. When the `type` property value is set to `GOOGLE`, Google's `clientId` and `clientSecret` property values are required in the request body. ### Prerequisites * Refer to [Identity Provider Management](../../identity-provider-management.html) for important overview information. > **Collapse: Request Model** > > **Google identity provider settings data model** > > | Property | Type | Required? | > | -------------- | ------ | --------- | > | `clientId` | String | Required | > | `clientSecret` | String | Required | > > **Google core attributes** > > | Property | Description | > | ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | `username` | A string that specifies the core Google attribute. The default value is `${providerAttributes.emailAddress.value}` and the default update value is `EMPTY_ONLY`. | > > **Google provider attributes** > > | Permission | Provider attributes | > | -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | `profile, email` | Options are: `resourceName`, `etag`, `emailAddress.value`, `name.displayName`, `name.familyName`, `name.givenName`, `name.middleName`, `nickname.value`, `nickname.type`, `gender.value`, and `gender.formattedValue`. | > | `https://www.googleapis.com/auth/profile.agerange.read` | Options are: `ageRange.ageRange`. | > | `https://www.googleapis.com/auth/profile.language.read` | Options are: `locale.value`. | > | `https://www.googleapis.com/auth/user.birthday.read` | Options are: `birthday.date.month`, `birthday.date.day`, `birthday.date.year`, and `birthday.text`. | > | `https://www.googleapis.com/auth/user.phonenumbers.read` | Options are: `phoneNumber.value`. | > > Refer to [Base IdP data model](../../identity-provider-management.html) for the properties available to all of the supported identity providers. > **Collapse: Query parameters** > > | Parameter | Description | > | --------- | ---------------------------------------------------------------------------------------------------- | > | `expand` | When equal to `attributes`, shows the details for the core attribute mapping created by the request. | > > Example: `POST {{apiPath}}/v1/environments/{{envID}}/identityProviders?expand=attributes` ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/json ### Body raw ( application/json ) ```json { "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/identityProviders' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/identityProviders") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""description"": ""Custom Google ID Provider""," + "\n" + @" ""enabled"": true," + "\n" + @" ""name"": ""GoogleIdP1""," + "\n" + @" ""type"": ""GOOGLE""," + "\n" + @" ""clientId"": ""GoogleID""," + "\n" + @" ""clientSecret"": ""GoogleSecret""" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/identityProviders" method := "POST" payload := strings.NewReader(`{ "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /v1/environments/{{envID}}/identityProviders HTTP/1.1 Host: {{apiPath}} Content-Type: application/json Authorization: Bearer {{accessToken}} { "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/json"); RequestBody body = RequestBody.create(mediaType, "{\n \"description\": \"Custom Google ID Provider\",\n \"enabled\": true,\n \"name\": \"GoogleIdP1\",\n \"type\": \"GOOGLE\",\n \"clientId\": \"GoogleID\",\n \"clientSecret\": \"GoogleSecret\"\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/identityProviders") .method("POST", body) .addHeader("Content-Type", "application/json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/identityProviders", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{apiPath}}/v1/environments/{{envID}}/identityProviders', 'headers': { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/identityProviders" payload = json.dumps({ "description": "Custom Google ID Provider", "enabled": True, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }) headers = { 'Content-Type': 'application/json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/identityProviders'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "description": "Custom Google ID Provider",\n "enabled": true,\n "name": "GoogleIdP1",\n "type": "GOOGLE",\n "clientId": "GoogleID",\n "clientSecret": "GoogleSecret"\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/identityProviders") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "description": "Custom Google ID Provider", "enabled": true, "name": "GoogleIdP1", "type": "GOOGLE", "clientId": "GoogleID", "clientSecret": "GoogleSecret" }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"description\": \"Custom Google ID Provider\",\n \"enabled\": true,\n \"name\": \"GoogleIdP1\",\n \"type\": \"GOOGLE\",\n \"clientId\": \"GoogleID\",\n \"clientSecret\": \"GoogleSecret\"\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/identityProviders")!,timeoutInterval: Double.infinity) request.addValue("application/json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ``` ### Example Response 201 Created ```json { "_links": { "self": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/identityProviders/65fb47be-c71e-45b6-9c4c-e3deed8df116" }, "environment": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "attributes": { "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/identityProviders/65fb47be-c71e-45b6-9c4c-e3deed8df116/attributes" } }, "id": "65fb47be-c71e-45b6-9c4c-e3deed8df116", "type": "GOOGLE", "name": "GoogleIdP", "description": "Google identity provider.", "enabled": false, "environment": { "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6" }, "createdAt": "2019-06-17T18:03:45.785Z", "updatedAt": "2019-06-17T18:03:45.785Z", "clientSecret": "GoogleClientSecret", "clientId": "GoogleClientId" } ```