- Overview
- Configuration
Google Workspace
Secure access to Google Workspace with ADSelfService Plus
Google Workspace provides a cloud-based environment for business productivity, incorporating essential tools like Gmail, Drive, Calendar, and Docs. By integrating ADSelfService Plus with Google Workspace, organizations can simplify access through one-click SSO, enabling users to log in securely without repeatedly entering credentials.
Secure remote access with SSO
Allow users to access Google Workspace securely and conveniently through single-click SSO, improving access efficiency while safeguarding sensitive data.
Enhanced security through MFA
Enable MFA to add an extra layer of security, allowing organizations to implement FIDO2, biometrics, or OTP-based authentication for secure Google Workspace access.
Password synchronization
Synchronize AD passwords with Google Workspace and other integrated applications to streamline access.
Configuring SAML SSO for G-Suite
These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and G-Suite.
Prerequisite
- Login to ADSelfService Plus as an administrator.
- Navigate to Configuration → Self-Service → Password Sync/Single Sign On → Add Application, and select G-Suite from the applications displayed. Note: You can also find G-Suite application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
- Click IdP details in the top-right corner of the screen.
- In the pop-up that appears, copy the Login URL, Logout URL and download the SSO certificate by clicking on the Download Certificate link.
G-Suite (Service Provider) configuration steps
- Log in to G-Suite with administrator credentials.
- Select Setup Single Sign-On (SSO) option from the Security tab.
- In the Sign-in page URL, enter the URL for signing into your system and G-Suite Apps. (Refer Step 4 of Prerequisite)
- In the Sign-out page URL, enter the URL for redirecting users to when they sign out. (Refer Step 4 of Prerequisite)
- Upload the verification certificate. (Refer Step 4 of Prerequisite)
ADSelfService Plus (Identity Provider) configuration steps
- Now, switch to ADSelfService Plus’ G-Suite configuration page.
- Enter the Application Name and Description.
- Enter the Domain Name of your G-Suite account. For example, if you use johndoe@thinktodaytech.com to log in to G-Suite, then thinktodaytech.com is the domain name.
- In the Assign Policies field, select the policies for which SSO need to be enabled. Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
- Select Enable Single Sign-On.
-
In the Name ID Format field, choose the format for the user login attribute value specific to the application.
Note: Use Unspecified as the default option if you are unsure about the format of the login attribute value used by the application - Click Add Application.
- Your users should now be able to sign in to G-Suite Online through ADSelfService Plus.