Portainer Business Edition allows you to easily setup authentication using Google OAuth for user logins. This means you can use a Google account to log into your Portainer web interface.
If you can’t get a license for the Business Edition, you can still setup Google OAuth with Portainer Community Edition, but it does require a little more work.
Create Google Developer Project
First, log into your Google Developer’s Account: https://console.developers.google.com/
Go to the following webpage to create a new project:
Enter a Project Name and click “Create”
Click on APIs & Services, +Create Credentials, OAuth client ID, Configure Consent Screen, External, Create
Give the app a name, enter a support email, enter developer contact information
Select ‘nothing’ for Scopes
Select ‘nothing’ for Test users
Go back to the Dashboard
Click on Credentials, +Create Credentials, and OAuth Client ID
Set Application Type = Web application
Enter a name, such as “Portainer”
For ‘Authorized JavaScript Origins’, enter: https://portainer.yourdomain.com
For ‘Authorized redirect URIs’, enter: https://portainer.yourdomain.com
Click on Create
The next page will have your Client ID and Client Secret. Save that information. We’ll need to enter it in Portainer.
Click to publish your App
Setup Authentication for Portainer
Next, go to Portainer, Settings, Authentication
Enter the following information:
Client ID (from your Google project)
Client secret (from your Google project)
Authorization URL: https://accounts.google.com/o/oauth2/auth
Access token URL: https://accounts.google.com/o/oauth2/token
Resource URL: https://www.googleapis.com/oauth2/v1/userinfo?alt=json
Redirect URL: https://portainer.yourdomain.com
User identifier: email
Scopes: profile email
Click Save. That’s it. You should now be able to log into your Portainer page using your Google account.
Leave a Reply