website logo
⌘K
Getting Started
Use Cases
Secure, Passwordless Login via Standard Protocols (OIDC, SAML2)
BlokSec for MFA / 2FA
Adding Passwordless Login to your In-House / Custom Application
BlokSec yuID Authenticator App
BlokSec Admin Console
FAQ's
Integrations
Microsoft 0365
Google Workspace
Salesforce
Dropbox
CyberArk Privileged Access Manager
IBM Security Verify
Custom OIDC
Custom SAML2
BlokSec SDK Integration (iOS)
Compatibility
Dependencies
Prerequisites
SDK Usage (Initialise)
New User Registration
Authentication
Account Association
Restore/Backup
API Reference
Docs powered by archbee 
3min

Google Workspace

BlokSec can be configured to support passwordless login to your Google Workspace.

The BlokSec <> Google Workspace integration enables authentication via the SAML protocol. Configuration involves a few simple steps on both the BlokSec admin UI and the Google Workspace admin console.

BlokSec Admin UI

  1. Sign into BlokSec admin UI as a user with admin privileges for your tenant
  2. On the main dashboard, click the Add Application drop-down and select Create From Template, and select Google Workspace
  3. Complete the application details as follows and submit:
    • Name: Google Workspace (or your desired application name – we will assume this is called ‘Google’ for the remainder of this article)
    • Entity ID: https://www.google.com/a/<your domain>/acs (for example: https://www.google.com/a/bloksec.com/acs)
    • NameID Source: Account name
    • Assertion Consumer Service: https://www.google.com/a/<your domain>/acs (for example: https://www.google.com/a/bloksec.com/acs)
    • Name ID Format: EmailAddress (keep default value of EmailAddress)
  4. Click Submit to save the configuration
  5. Click View Cert and then select Copy. Paste the certificate in a text editor of your choice and save the file as BlokSecGoogleCert.pem
  6. Make note of the SSO Uri as it will be required when configuring Google Workspace

Google Workspace Admin Console

  1. Sign into the Google Workspace admin console as a user with admin privileges for your tenant
  2. Navigate to Security > Setup single sign-on (SSO) with a third party IdP
  3. Complete the identity provider configuration with the following values (adjusting if required to meet your desired behaviour):
    • Sign-in page URL: Copy / enter the SSO Uri noted in step 6 above
    • Sign-out page URL: https://mail.google.com/a/<your domain> (for example https://mail.google.com/a/bloksec.com)
    • Verification certificate: Upload the certificate file saved in step 5 above
    • Click Save to apply the configuration changes
  4. Send your users the following URL to login via passwordless https://mail.google.com/a/<your domain> (for example https://mail.google.com/a/bloksec.com)



Updated 03 Mar 2023
Did this page help you?
Yes
No
UP NEXT
Salesforce
Docs powered by archbee 
TABLE OF CONTENTS
BlokSec Admin UI
Google Workspace Admin Console