Skip to main content
Skip table of contents

Google Authentication

1) Introduction

Sign in with Google is quick and easy and has the added advantage of enabling "two factor authentication" (strictly multi-factor authentication). To sign in with Google you need a Google account (and password). In addition you could (say) be sent a phone message to which you had to respond in order to be authenticated. In this example the first factor is that you know your Google account password and the second factor is that you are in possession of the phone you registered with Google (and that you know the password for that phone).

2) Instance Administration

To enable Sign in with Google for an instance you must specify the Google domains that could be used for authentication (typically http://yourcompany.com if you have a corporate Google account but in theory gmail.com or googlemail.com if you want to allow authentication using these domains). You can enter multiple domains separated by commas at Configuration > Instance Settings.

Google domain is found under Security on the Instance settings page. 

image-20240911-140107.png

The logon page will then look like this:

If a user has not been enabled to sign in with Google (see below) they will not be able to do so even though they will be presented with the Sign in with Google option (if this feature has been enabled in the instance in question).

3) User Administration

Note in our example below we use http://aqilla.com (as this is our corporate Google account). For the avoidance of doubt you will use your own Google account(s).

To enable a user to sign in with Google, navigate to the person in question at Reference > Personnel and click the User Details icon:

image-20240911-140335.png

You then need to ensure that Google Authentication is enabled:

Note that all the above can be done by any user with access to Reference > Personnel but such a user cannot link a Google account (see below) which can only be done by the Google account holder.

image-20250303-160408.png

4) Linking a Google Account

This step can only be done by an Aqilla user who holds the Google account in question - in our example info@aqilla.com.

The user will need to logon to Aqilla in the normal way - i.e. not using Sign in with Google. The user will need to then open his or her Settings. See:

image-20250303-160530.png

The user will be asked to link a Google account:

image-20250303-162047.png

When the user clicks on Link Google Account he or she will be presented with the following:

i) If the user is currently authenticated by Google (e.g. the user is logged on to Google Mail)

The user is asked to link his or her Google account to his or her Person record in this Aqilla instance:

A user can also unlink their Google account.

A user with access to Reference > Personnel cannot unlink a Google account. However the Google account is automatically unlinked when a user is disabled.

Note if you try to link a Google account that does not use a domain registered at Configuration > Settings you will see:

The http://aqilla.com domain was removed from Configuration > Instance Settings to force this error message.

ii) If the user is not currently authenticated by Google (e.g. the user is not logged on to any Google product)

The user is first asked to login or select a Google account:

5) Google Settings

All other steps are as described above.

There are many settings that the administrator of a Google account can use to implement a security policy. These settings are quite independent to Aqilla and outside the scope of this help page and Aqilla Support.

6) Error Messages

You may see the error message on the right.

There are a number of reasons for this including:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close