Integrating Google Cloud Authentication with SFTP Gateway v3.4.0

Google Cloud Authentication with SFTP Gateway

With SFTP Gateway version 3.004.00, you can now integrate Google Cloud Authentication with SFTP Gateway’s web admin portal. In other words, web admins can leverage their existing Google Cloud credentials instead of managing another account just for SFTP Gateway.

Configuring Google Authentication is a process. At a high level, you will be performing two steps:
  • Create and configure an OAuth 2.0 client in Google Cloud
  • Point SFTP Gateway to the OAuth 2.0 client
Note: Google Credentials cannot be used for SFTP authentication.

What is Google Cloud Authentication?

Google Cloud Authentication is a set of tools and services that allow users to securely access and manage resources on the Google Cloud Platform. It provides a way to verify the identity of users and control access to resources based on permissions and policies. Google Cloud Authentication uses industry-standard security protocols, such as OAuth 2.0, OpenID Connect, and Security Assertion Markup Language (SAML) to ensure secure authentication and authorization. With Google Cloud Authentication, users can use their existing Google accounts or other external identity providers to authenticate and access cloud resources.

How to Create OAuth 2.0 Client IDs in API & Services and Integrate Google Cloud Authentication with SFTP Gateway


Open the Google Cloud Console and search for API & Services.


Note: Before creating an OAuth 2.0 client, you need to have first configured a domain name for your SFTP Gateway VM.



Once you are in API & Services, go to Credentials on the left menu.



Click + Create Credentials and select OAuth client ID.


Under the Application type, select Web application, and configure a name for your OAuth 2.0 client.


Next, configure the URIs you will be using for the JavaScript origin and redirect URI.


For the JavaScript Origin URI enter in this value:
For the redirect URI enter in this value:
https://<sftp-gateway-domain-name>/backend/login/oauth2/code/<custom name>
The custom name can be any value you’d like, but make sure to remember it, as you’ll need it later on. Once everything has been configured, click Create at the bottom.



Once your OAuth 2.0 client has created, enter into it and you should see this screen:



Keep this page open as you will need the client ID and client secret when you configure the Identity provider in SFTP Gateway.


Configure the Identity Provider on SFTP Gateway


In the SFTP Gateway web admin portal, go to Settings. Under Identity Providers, click Add new IdP.


For the new Identity Provider, fill in the following fields:
  • Identity Provider Display Name: This is the name that will be displayed on the login screen for Web Admin Users.
  • Issuer URI: Paste in this value,
  • Client ID: Paste in the client ID from OAuth 2.0 client overview page.
  • Client Secret: Paste in the client secret from OAuth 2.0 client overview page.
  • Name Attribute: Set this value to sub.
  • Registration ID: Use the custom name you made for the callback URI when creating the OAuth 2.0 client.


Test the changes in the web browser


If you are logged into the web admin UI, click the logout button on the top right and then refresh the browser.


On the login page, you should see the following link toward the bottom with the Display name you configured.



You will then be redirected to enter your Google Cloud credentials.

Once logged in, you will be authenticated to the SFTP Gateway web admin portal. You’ve now successfully integrated Google Cloud Authentication with SFTP Gateway’s web admin portal.

For more on integrating Google Cloud Authentication with SFTP Gateway, please see the Knowledge Base or our YouTube channel and the video below.

Get insights on SFTP Gateway, cloud computing and more, in your inbox.

Get smarter about all things tech. Sign up now!

Scroll to Top