About Google Workspace Native Integration
Google Workspace Native integration in Iru Endpoint allows you to set up native Google Workspace integration for SSO, enabling users to authenticate using their Google Workspace credentials without requiring custom SAML configuration.How It Works
When users attempt to access Iru Endpoint, they’re redirected to Google Workspace for authentication using OAuth2/OpenID Connect protocols. After successful authentication, Google Workspace sends an access token back to Iru Endpoint, which validates the user’s identity and grants access to the platform.If you’re requiring authentication with Automated Device Enrollment for iOS enrollments and using Google Workspace as your identity provider, the Single Sign-On entry must be created using Custom SAML. The built-in Google Workspace integration is not supported.
Setting Up Google Workspace Application
1
Access Google Developer Console
Log in to the Google Developer API Console. Then click CREATE PROJECT.
2
Configure Project Details
Enter a Project name.
3
Select Organization
Select your Organization.
4
Select Location
Select your Location.
5
Create Project
Click Create.
6
Access Credentials
In the sidebar, click Credentials.
7
Create Credentials
On the right side of the window, near the top, click Create Credentials. If this is your first time creating a client ID, you may also be prompted to configure your consent screen.
8
Select OAuth Client ID
From the menu that appears, choose OAuth Client ID.
9
Configure Application Type
For “Application Type,” click the menu and select “Web application”.
10
Name OAuth Client
In the Name field, enter a Name for your OAuth client.
11
Configure JavaScript Origins
In the Authorized JavaScript Origins section, in the URIs field, enter the following:For US tenants:For EU tenants:
12
Configure Redirect URIs
In the Authorized redirect URIs section, in the URIs field, enter the following:For US tenants:For EU tenants:
13
Create OAuth Client
Click Create.
14
Copy Client ID
Copy the text from the Client ID field and save it for later use.
15
Copy Client Secret
Copy the text from the Client Secret field and save it for later use.
Configuring Iru Endpoint Connection
1
Navigate to Settings
In Iru Endpoint, in the sidebar, click Settings.
2
Access Authentication Settings
Click the Access tab.
3
Add New Connection
Find the Authentication section and click the Add button at the bottom left of the authentication section.
4
Select Google Workspace
In the new blade, click Google Workspace.
5
Continue Setup
Click Next.
6
Configure Connection Name
Customize or use the default Name for the Google Workspace connection (this will be shown on the login page).
7
Enter Domain
Enter the Google Workspace Domain that the application is registered within.
8
Enter Client ID
Enter the Client ID you previously copied from Google Workspace.
9
Enter Client Secret
Enter the Client Secret you previously copied from Google Workspace.
10
Save Configuration
Click Save.
11
Authorize Connection
After saving, a new dialogue box will appear with a link to authorize your connection. A Google Workspace administrator for your domain must click the link and complete this process to authorize the application. This box will not go away after authorization is completed.
12
Complete Authorization
In the new window that launches, sign in and click Accept.
13
Verify Authorization
After clicking Accept, you will be brought to an authorization success page.
14
Confirm Setup
Your connection has now been successfully configured and may be enabled and tested.
If migrating to a new Google Workspace domain using the same connection, this value can be changed to match your new domain. Best practice, however, would be to create a new SSO connection using SAML.