HomeDev guideRecipesAPI ReferenceGraphQL
Dev guideUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Google provider

How to set up and authenticate using Google Cloud Console.

πŸ“˜

Note

This example requires you to have a Google account to create a project on Google Cloud Console.

Setup Google project

  1. Visit the Google Cloud Console and create a new Project. For this example, the project is named Doligence.

  1. View the OAuth 2.0 Client ID section and click on your app to get the Client ID as audience.

  1. Finally, you have Google OIDC config:
    • issuer – "https://accounts.google.com"
    • audience – "{Client ID}"

Update Google provider OIDC config to Content Graph

Send a PUT request to OIDC config URL: https://cg.optimizely.com/api/config/oidc with epi-hmac or basic authorization header:

curl -XPUT \
  -H 'Authorization: Basic {appKey}:{secret}' \
  -d '{
    "issuer": "https://accounts.google.com",
    "audience": "{Client ID}",
  }' https://cg.optimizely.com/api/config/oidc

Authenticate with Google Provider

Once authenticated, your JWT payload should have issuer and audience claims:

{
  "iss": "https://accounts.google.com",
  "azp": "427566697749-3knhnkfnk8v2j8t60shg8nolg0trqku2.apps.googleusercontent.com",
  "aud": "427566697749-3knhnkfnk8v2j8t60shg8nolg0trqku2.apps.googleusercontent.com",
  "sub": "109839210343031985739",
  "email": "[email protected]",
  "email_verified": true,
  "at_hash": "lyY-RI72YgsRHIuMDc6CGw",
  "name": "Quang Tran",
  "picture": "https://lh3.googleusercontent.com/a/ACg8ocLaTr3pV1TSLcBQZrjtmSvn2TDRYtLKKAhX7DUN_dQo=s96-c",
  "given_name": "Manh Quang",
  "family_name": "Tran",
  "locale": "en",
  "iat": 1696840635,
  "exp": 1696844235
}
// this is id_token payload: eyJhbGciOiJSUzI1NiIsImtpZCI6ImM2MjYzZDA5NzQ1YjUwMzJlNTdmYTZlMWQwNDFiNzdhNTQwNjZkYmQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI0Mjc1NjY2OTc3NDktM2tuaG5rZm5rOHYyajh0NjBzaGc4bm9sZzB0cnFrdTIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiI0Mjc1NjY2OTc3NDktM2tuaG5rZm5rOHYyajh0NjBzaGc4bm9sZzB0cnFrdTIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDk4MzkyMTAzNDMwMzE5ODU3MzkiLCJlbWFpbCI6Im1hbmhxdWFuZy5mcHRAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJseVktUkk3Mllnc1JISXVNRGM2Q0d3IiwibmFtZSI6Ik1hbmggUXVhbmcgVHJhbiIsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQ2c4b2NMYVRyM3BWMVRTTGNCUVpyanRtU3ZuMlREUll0TEtLQWhYN0RVTl9kUW89czk2LWMiLCJnaXZlbl9uYW1lIjoiTWFuaCBRdWFuZyIsImZhbWlseV9uYW1lIjoiVHJhbiIsImxvY2FsZSI6ImVuIiwiaWF0IjoxNjk2ODQwNjM1LCJleHAiOjE2OTY4NDQyMzV9.zQFSSLm3XKPs1kC3_7IgIfdJlxYAglQlLn-9Zs1NL2r5uQsMne2sxjSEN3u6Ia063Rrs5R3fpUcTo-SdoRnkn0lYN3V4WVxTa4AVq4_JE9SrFODof6L6XQ44QjmHJzdACjXvH-w46HBtfwuXA53yOPZLlANm4-JZtngikZdUKo7gUKvX1IHGZB3hjue-h8svwAI2W0bomLvuoVgPyurZUV1UD4aMXxOeMwpPAKJtnpS6YCwd6nngcdlU_tBYjusviGpHbXBLGsivx8-ykRb62ZgaY4RZ9uvQ51OscnW1z6gS-ULAuoZq4rsNRXxKr1h7F6LXDXBMAptqM5qqcp8tEA
// the token must contain iss and aud value

Authorize with Content Graph

Send your GQL query to the query endpoint with your previously received JWT token payload:

curl --location 'https://cg.optimizely.com/content/v2?tenant_id=f26abab66d914405b839f6daa69d6c28' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImM2MjYzZDA5NzQ1YjUwMzJlNTdmYTZlMWQwNDFiNzdhNTQwNjZkYmQiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI0Mjc1NjY2OTc3NDktM2tuaG5rZm5rOHYyajh0NjBzaGc4bm9sZzB0cnFrdTIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiI0Mjc1NjY2OTc3NDktM2tuaG5rZm5rOHYyajh0NjBzaGc4bm9sZzB0cnFrdTIuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDk4MzkyMTAzNDMwMzE5ODU3MzkiLCJlbWFpbCI6Im1hbmhxdWFuZy5mcHRAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJseVktUkk3Mllnc1JISXVNRGM2Q0d3IiwibmFtZSI6Ik1hbmggUXVhbmcgVHJhbiIsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQ2c4b2NMYVRyM3BWMVRTTGNCUVpyanRtU3ZuMlREUll0TEtLQWhYN0RVTl9kUW89czk2LWMiLCJnaXZlbl9uYW1lIjoiTWFuaCBRdWFuZyIsImZhbWlseV9uYW1lIjoiVHJhbiIsImxvY2FsZSI6ImVuIiwiaWF0IjoxNjk2ODQwNjM1LCJleHAiOjE2OTY4NDQyMzV9.zQFSSLm3XKPs1kC3_7IgIfdJlxYAglQlLn-9Zs1NL2r5uQsMne2sxjSEN3u6Ia063Rrs5R3fpUcTo-SdoRnkn0lYN3V4WVxTa4AVq4_JE9SrFODof6L6XQ44QjmHJzdACjXvH-w46HBtfwuXA53yOPZLlANm4-JZtngikZdUKo7gUKvX1IHGZB3hjue-h8svwAI2W0bomLvuoVgPyurZUV1UD4aMXxOeMwpPAKJtnpS6YCwd6nngcdlU_tBYjusviGpHbXBLGsivx8-ykRb62ZgaY4RZ9uvQ51OscnW1z6gS-ULAuoZq4rsNRXxKr1h7F6LXDXBMAptqM5qqcp8tEA' \
--header 'Content-Type: application/json' \
--data '{"query":"{\n    Content {\n        items {\n            Name\n        }\n    }\n}","variables":{}}'