Skip to main content

About Google Workspace Native Integration

Google Workspace Native integration in Iru Endpoint lets you set up native Google Workspace integration for SSO. Users authenticate using their Google Workspace credentials without requiring custom SAML configuration.

How It Works

When users attempt to access Iru Endpoint, they’re redirected to Google Workspace for authentication using OAuth2/OpenID Connect protocols. After successful authentication, Google Workspace sends an access token back to Iru Endpoint, which validates the user’s identity and grants access to the platform.
If you’re requiring authentication with Automated Device Enrollment for iOS enrollments and using Google Workspace as your identity provider, the Single Sign-On entry must be created using Custom SAML. The built-in Google Workspace integration is not supported.

Prerequisites

Before you begin, ensure you have:
  • Access to the Iru web app as an Admin or Account Owner
  • A Super Admin account in Google Workspace to complete the Google Workspace configuration steps

Setting Up Google Workspace Application

Follow these steps to configure your Google Workspace application:
1

Access Google Developer Console

Log in to the Google Developer API Console. Then click CREATE PROJECT.
2

Configure Project Details

Enter a Project name.
3

Select Organization

Choose the Organization from the dropdown menu.
4

Select Location

Choose the Location.
5

Create Project

Click Create.
6

Access Credentials

In the sidebar, click Credentials.
7

Create Credentials

On the right side of the window, near the top, click Create Credentials. If this is your first time creating a client ID, you may also be prompted to configure your consent screen.
8

Select OAuth Client ID

From the menu that appears, choose OAuth Client ID.
9

Configure Application Type

For “Application Type,” click the menu and select “Web application”.
10

Name OAuth Client

In the Name field, enter a Name for your OAuth client.
11

Configure JavaScript Origins and Redirect URIs

In the JavaScript Origins and Redirect URIs section:
  1. For JavaScript Origins, use just the domain section from the Redirect URL shown in Iru (e.g., https://vpriix.id.iru.com). This domain is unique to each Iru tenant.
  2. For Authorized redirect URIs, enter the complete Redirect URL shown in the Configuration Information in the SSO connection in Iru (e.g., https://vpriix.id.iru.com/federated-auth/oidc/callback).
You can find your tenant-specific redirect URI by navigating to Your NameAccessAdmin and Authentication, then scroll down to Authentication methods and click + Authentication MethodGoogle Workspace. The redirect URI will be displayed in the Configuration Information section.
Settings Access Admin and Authentication page showing Authentication methods section with Google Workspace option and the redirect URI displayed
12

Create OAuth Client

Click Create.
13

Copy Client ID

Copy the text from the Client ID field and save it for later use.
14

Copy Client Secret

Copy the text from the Client Secret field and save it for later use.