Skip to main content

SureAccess Login with Google Workspace

This guide focuses specifically on configuring SureAccess as a secure VPN gateway using Google Workspace (formerly G Suite) for authentication. In this setup, the Google login screen acts as the identity provider that users must pass through to establish a secure VPN tunnel to corporate resources.

The integration process consists of two main steps:

Configure Google Workspace for SAML Integration

Configure SureAccess Authentication Type in SureMDM

Step 1: Configure Google Workspace for SAML Integration

To configure SAML settings on the Google Workspace Admin Portal, follow these steps:

  1. Log in to the Google Admin Console (admin.google.com) using your administrator credentials.

  2. Navigate to Apps > Web and mobile apps.

  3. Click on Add App > Add Custom SAML app.

  4. Enter the App Name (e.g., SureAccess) and click Continue.

  5. On the Google Identity Provider details page, click Download Metadata.

  6. Keep this file accessible, as you will need the SSO URL and Entity ID later. Click Continue.

  7. Under Service Provider Details, enter the following:

    • ACS URL: https://<Your_SureMDM_URL>/saml?id=<Your_Account_ID>

    • Entity ID: urn:42gears:suremdm:SAML2ServiceProvider

note

Replace <Your_SureMDM_URL> with your actual SureMDM server path and <Your_Account_ID> with your unique Account ID.

  1. Click Continue and then Finish.

Ensure the User Access for the app is set to ON for everyone (or specific organizational units) to allow users to authenticate.

Step 2: Configure SureAccess Authentication Type in SureMDM

Once the Google Workspace app is ready, link it to your SureMDM console:

  1. Log in to the SureMDM Console.

  2. Go to Settings > Account Settings > Enterprise Integrations > SureAccess > SureAccess Configuration > SureAccess Authentication.

  3. Set SureAccess Authentication Type to SAML Authentication.

  4. Select Google Workspace.

  5. Enter the values obtained from the Google Metadata file:

    • Service Identifier: Use the Entity ID from Google.

    • Sign On Service URL: Use the SSO URL from Google.

    • Logout Service URL: Use the SSO URL from Google.

  6. Click Apply to save.