Skip to main content

About Google Workspace Native Integration

Google Workspace Native integration in Iru Endpoint lets you set up native Google Workspace integration for SSO. Users authenticate using their Google Workspace credentials without requiring custom SAML configuration.

How It Works

When users attempt to access Iru Endpoint, they’re redirected to Google Workspace for authentication using OAuth2/OpenID Connect protocols. After successful authentication, Google Workspace sends an access token back to Iru Endpoint, which validates the user’s identity and grants access to the platform.
If you’re requiring authentication with Automated Device Enrollment for iOS enrollments and using Google Workspace as your identity provider, the Single Sign-On entry must be created using Custom SAML. The built-in Google Workspace integration is not supported.

Prerequisites

Before you begin, ensure you have:

Configuring Iru Endpoint Connection

Follow these steps to configure the connection in Iru:
1

Navigate to the Account Menu Button

In Iru Endpoint, in the sidebar, click the Account Menu Button.
2

Access Authentication Settings

Click the Access option in the menu.
3

Select Admin and Authentication

Select the Admin and authentication tab (selected by default) and scroll down to Authentication methods.
4

Add Authentication Method

Click + Authentication method.
5

Enter Display Name

Enter a display name for the SSO Connection.
6

Select Google Workspace

Select Google Workspace.
7

Create Connection

Click Create.
8

Copy Redirect URL

Copy the Redirect URL into a text document for later use. You’ll need this for the Google Workspace configuration.
9

Keep Tab Open

Keep the Iru Web App configuration modal open, then switch to the Google Workspace Configuration tab to continue.
After completing the Google Workspace configuration, return here to finish setting up the SSO connection in Iru Endpoint. You’ll need the Client ID, and Client secret you copied from Google Workspace.
Follow these steps to complete the configuration:
1

Enter Google Workspace Domain

Enter your Google Workspace domain from Google Workspace.
2

Paste Client ID

Paste the Client ID you copied from Google Workspace into the Client ID field.
3

Paste Client Secret

Paste the Client secret you copied from Google Workspace into the Client secret field.
4

Save Configuration

Click Save.
5

Confirm Setup

Your connection has now been successfully configured and may be enabled and tested.

Allow for Tenant Authentication

Once you have configured the SAML connection in Iru Endpoint and your identity provider, you can allow its use for tenant authentication. For step-by-step instructions, please refer to the Allowing Tenant Authentication and Managing Connections section in our Single Sign-on support article.

Limit Authentication to Domain

When configuring the SAML connection, you can optionally limit authentication to one or more domains. This can be useful when the SSO connection could authenticate to multiple domains. You can limit the authentication to your Iru tenant to a subset of the available domains.

Enforcing Single Sign-On

Once you have configured at least one Single Sign-on connection, you can disable Passkey, Google Social, and Microsoft Social connections. Disabling these connections will disable the ability for Iru Endpoint administrators in your tenant to authenticate via those methods. Please refer to our Single Sign-on support article for step-by-step instructions.