If your organization uses Google Workspace for email and identity management, you should configure Single-Sign On (SSO) with ActivityInfo and your Google Workspace account.
Read more about why Single Sign On is important for securing your organization’s data.
Step 1: Test a single account
Before starting this step, you must already have an account with ActivityInfo using an email address linked to your organization’s Google Workspace account.
Navigate to the following link:
https://www.activityinfo.org/login/connectSSO/google
You should be redirected to the Google Sign In page:
Enter your email address, or select it from the list if presented, and click “Next.”
When you click “Continue,” ActivityInfo will be able to access only your name, email address, language preference and profile picture.
You should receive a success message. From now on, you will log in through your Google Workspace account rather than entering an ActivityInfo-specific password.
Step 2: Setting up a domain policy
Once you have confirmed that users can login through their Google Workspace account, contact support@activityinfo.org to request a domain policy for your email domain. This require all new users with the email domain to login through their Google Workspace account from the start.
Step 3: Migrating existing users to SSO
Setting a domain policy does not automatically migrate existing accounts from your organization to use SSO. Migrating existing users to a new means of logging in requires careful planning and communication. Many users are (rightly) suspicious of sudden changes to log in procedures, and may disregard email notifications from ActivityInfo as phishing emails.
Follow the steps in the Migrating existing users to SSO guide to proceed.
Troubleshooting: Granting access to ActivityInfo
In some cases, your IT administrator may have configured your Google Workspace organization to forbid third-party from even the most basic permissions that ActivityInfo requests. In this case, your Google Workspace administrator will need to add ActivityInfo to the list of your trusted applications.
Follow these steps:
- Navigate to admin.google.com and login as an administrator
- From the left hand side, navigate to “Security”, then “Access and data control” and then “API controls”. Then click “Manage third-party App Access” from the main content area.
- In the next screen, click “Add app” and then select “OAuth App Name or Client ID”
- In the next screen, copy and paste the id
553210541596-6bdnatflpdf5h04li3fvg37jurunjcq3.apps.googleusercontent.com
into the search box, click “Search” and then select the ActivityInfo application.
- In the next screen, check the Client ID that appears, and then click “Select”
- In the next screen, keep the default selection for “all users” and click “Continue.” Note: allowing all users does not affect your licensing costs, or grant users any permissions within ActivityInfo. This only allows all users in your organization to authenticate to ActivityInfo. Authorization is managed by designated ActivityInfo database administrators.
- In the next screen, check the “Limited” option and click “Continue”
- On the final screen, review the selection and then click “Finish”