Online Help

SafeNet Trusted Access for Google Workspace

Overview

The application template provides the ability to enable single sign-on for users accessing the Google Workspace Services through SafeNet Trusted Access.

The following use cases can be configured for Google Workspace:

>SP-initiated SSO

>IdP-initiated SSO

Configuring SafeNet Trusted Access for Google Workspace is a three-step process:

1.Google Workspace setup

2.SafeNet Trusted Access setup

3.Verify Authentication

Google Workspace Setup

As a prerequisite, download the Identity Provider certificate from the SafeNet Trusted Access console by clicking on the Download X.509 certificate button.

You will need this certificate in one of the steps below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in Google Workspace:

1.Log in to the Google Workspace admin console.

2.On the Google Workspace Admin console, click Security.

3.On the Security window, scroll down and click Set up single sign-on (SSO) with a third party IdP option.

4.Select the Setup SSO with third party identity provider check box and then perform the following steps:

a.In the Sign-in page URL field, enter the SingleSignOnService URL that is displayed on the SafeNet Trusted Access console.

b.In the Sign-out page URL field, enter https://accounts.google.com/logout.

c.In the Verification certificate field, click CHOOSE FILE to search and select the Identity Provider certificate that you downloaded earlier from the SafeNet Trusted Access console.

d.Select the Use a domain specific issuer check box.

e.In the Change password URL field, enter https://accounts.google.com/signin/recovery.

f.Click SAVE.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in Google Workspace, the second step is to activate the Google Workspace application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the Google Workspace application that you added previously is currently in inactive state by default. To configure and activate this application, click the application (for example, Google Workspace) and proceed to the next step.

2.Under STA Setup, in the Domain Name field, enter your organization's managed domain name (for example, example.com).

3.Click Save Configuration to save the details and activate the Google Workspace application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the Google Workspace application URL, https://www.google.com/a/<Domain Name>/ServiceLogin, where <Domain Name> is the your organization's managed domain name.

For example, https://www.google.com/asafenet.com/ServiceLogin

You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Google Workspace user portal after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Google Workspace application icon, you should be redirected to the Google Workspace user portal after authentication.

 

© 2021 SafeNet Trusted Access. Various trademarks held by their respective owners.