After successfully setting up Go IAM backend and UI, you need to configure your client to start using the authentication system. Else the application will be running in *insecure mode. This guide walks you through the essential steps to get your client application connected and ready for authentication.
Video Tutorial
Watch this comprehensive video tutorial that demonstrates the entire client configuration process:
Configuration Steps
Follow these three essential steps to configure your Go IAM client:
Step 1: Setup Auth Provider
Before your applications can authenticate users, you need to configure authentication providers in the Go IAM admin interface.
Google OAuth Setup
Access Admin UI: Navigate to your Go IAM admin interface (typically http://localhost:4173)
Go to Auth Providers: Click on "Auth Providers" in the sidebar
Add Auth Provider: Click "Add". Give a name. By default "Google" provider will be selected
Configure Credentials:
Client ID: Your Google OAuth 2.0 client ID
Client Secret: Your Google OAuth 2.0 client secret
Redirect URI: Configure the callback URL for your application
Set the application type and authorized redirect URIs
Copy the generated Client ID and Client Secret
Step 2: Setup Client
After configuring the auth provider, you need to register your client application. Clients are meant for applications to use go iam.
Register Your Application
Navigate to Clients: In the admin UI, go to "Clients" section
Create New Client: Click "Add" button
Configure Client Details:
Client Name: A descriptive name for your application. Eg: Go IAM Auth
Description: Description of your client**.**
Tags: Comma separated tags. Eg: goiam
Default Client: Check Set as Go IAM Client checkbox. This makes sure this client has to be used by Go IAM for its own auth purpose.
Redirect Urls: When you check Set as Go IAM Client, the redirect url will be automatically set to <baseUrl>/verify
Select Auth Providers or Set as service account: Choose which auth providers this client can use. The one you created in the previous step
Service Account: If you want to use this client as a service account, check the Set as Service Account checkbox. This is useful for backends or daemons that need to authenticate without user interaction.
Linked User Email: Specify the email address of the user to link this service account to. The access will be based on the linked user's roles and permissions.
Auth Provider: If auth provider is selected, user's identity is used for authentication. Correspondingly the access will be based on the user's roles and permissions.
Save Client: Click "Save Changes" to create the client
Step 3: Login (if set as Default Client)
With the auth provider and client configured as default client to be used for GO IAM, you will be automatically logged out of the system. You can login with credentials. Now we are good to go to integrate go iam with your client applications.
Step 4: Client for your application
You can setup clients for your applications. The steps are same as 1 and 2. You can setup one auth provider and use it for multiple clients. Set as Go IAM Client option won't be available and not required for creating clients for your application.
