Unable to customize authorisation callback URL for SAML provider after connecting custom domain

Question

I'm unable to customize the authorisation callback URL to my custom domain when adding a new SAML provider in Google Cloud Identity platform. I took the following steps:

I successfully connected my domain via the firebase console: the status says 'Connected', and the SSL certificate has been provisioned.
In Identity Platform, I added my custom domain to the authorized domains on the project level.
I'm trying to add a SAML provider for a tenant.

I cannot edit the callback url in the cloud console. Also, when adding the provider with a custom url via a client SDK, the provider is created, but again with the default url.

Any pointers?

From the documentation:

Ferregina Pelona Ferregina Pelona · Accepted Answer · 2020-11-02T17:17:40

This is expected.

The real issue is that the docs give the understanding of changing the callback URL in the console but you should change the authDomain in your code rather than in the GCP console and when making the request, you will see the callback URL using your custom domain.

For example, if in your code you have:

const config = {
  apiKey: "dsfdsDSSDDSFSDfsdf5ds14f5s",
  authDomain: "PROJECT_ID.firebaseapp.com",
};

You only have to change the authDomain for example to:

const config = {
  apiKey: "dsfdsDSSDDSFSDfsdf5ds14f5s",
  authDomain: "login.mydomain.com",
};

The only condition to make this work is that the domain you want to use is in the Authorized domains.

Unable to customize authorisation callback URL for SAML provider after connecting custom domain

1 Answers