Google Workspace (formerly G Suite) SSO
SureMDM offers seamless integration with Google Workspace (formerly G Suite) Single Sign-On (SSO), streamlining user access and enhancing security within your organization's device management ecosystem. With Google Workspace (formerly G Suite) SSO integration, users can access SureMDM using their existing Google Workspace (formerly G Suite) credentials. This eliminates the need for separate login information and simplifies the user experience.
Configure Settings in Google Admin Console
To configure SureMDM Single Sign-On with Google Workspace (formerly G Suite), follow these steps:
Login to https://admin.google.com with Google Workspace (formerly G Suite) credentials.
Click Apps.
Click SAML apps.
Click Add.
Click Setup My Own Custom App.
On the Google IdP Information prompt, copy SSO URL, Entity ID and Certificate and click Next. Click Download to download the certificate.
SSO URL, Entity ID and Certificate details are required while configuring SSO in 42Gears UEM.
Enter the Application Name and select the logo file in Upload Logo and click Next.
Enter the ACS URL and Entity ID and click Next.
Example for ACS URL :https:// (SureMDM Server Path)/console/ssoconsumer/(Encrypted MDM Account ID)
Admin should enter their SureMDM Server Path and Account ID into the above-mentioned URL. To get the encrypted account ID, follow these steps:
Navigate to the SureMDM Console > Account Settings > Enterprise Integrations > SAML Single Sign-On.
On the SAML Single Sign-On screen, locate the Assertion URL to get the Encrypted Account ID.
Click Finish.
Click OK.
Click Edit Service.
Select ON for everyone and click Save.
Configure Settings in SureMDM Web Console (Google Workspace (formerly G Suite))
Navigate to SureMDM Web Console > Settings (icon located at top right of the screen) > Account Settings > Enterprise Integrations > SAML Single Sign-On.
Configure Single Sign-On settings for Google Workspace (formerly G Suite).
| Settings | Description |
|---|---|
| Enable Single Sign-On | Select this option to allow configuring Single Sign-On settings. |
| Select Identity Provider (IdP) | Select Google Workspace (formerly G Suite). |
| Service Identifier | Enter the Service Identifier Url that has copied from step no.6, configure settings in Google Admin Console. |
| Sign On Service Url | Enter the URL for Sign On service Url that has copied from step no.6, configure settings in Google Admin Console |
| Logout Service Url | Enter the URL for logout. !Note: Generally, the URL for Sign On Service Url and Logout Service Url will be the same. |
| Roles | Choose an option for the Roles from the drop-down menu. To know more see Configure Permissions for Role-Based Admin. |
| Device Group Set | Choose an option for Device Group Set from the drop-down menu. To know more, see Configure Permissions for Device Group Set Based Admin |
| Jobs/Profiles Folder Set | Choose an option for Device Group Set from the drop-down menu. To know more, see Configure Permissions for Job Folder Set Based Admin. |
- Click Upload Certificate to upload the certificate that has downloaded from Google Idp information prompt, refer to step no.6, configure settings in Google Admin Console and click Ok.
Ensure password field to be empty.
Click Done.
Login to Google Workspace (formerly G Suite) account in any browser and use the below url to login to SureMDM server.
For example: https://\<SureMDM Server URL>/console/ssologin/(SureMDM Account ID)
Admins should enter their Server URL and Account ID into the above-mentioned URL.