Creating a Gateway SAML app on google workspace
To configure a web application for Seqrite ZTNA user portal authentication on Google workspace admin console, follow these steps. This application is used for SAML authentication.
- Log on to your google workspace admin console and navigate to Apps > Web and mobile apps.
- Click the Add app drop-down menu and select Add custom SAML app.
- Provide your app details such as App name and Description and click Continue.
- Click Download Metadata to download the metadata xml file used to configure IDP while onboarding on the admin console. Click Continue.
- On the Service provider details page, enter the following details.
- Enter the ACS URL.
- Enter the entity ID.
- Select the checkbox for signed response option.
- Select Email in Name ID format.
- In Name ID, select Basic Information> Email.
Note:
The ACS URL and the Entity ID must contain your company domain on which you want to host the Seqrite ZTNA Gateway.- Example ACS URL: https://company.com/api/v1/saml/acs/callback
- Example entity ID: https://company.com/qh/gw
- In this step, we have to add the mappings.
- In the basic information drop-down menu, select Primary email.
- Enter the attribute name.
- Click Add Mapping. Click Save.
Note:
The app attribute name should be in all lowercase alphabets only as used in the example ‘email’. Alphanumeric, special chars and space should not be used.
- After finishing the app creation, navigate to the created app.
Make sure the user access for this app is turned ON as highlighted in the following image.
If it is not turned on, click the View details button and select On.
The SAML application is now ready to be used for authenticating the google workspace users on the Seqrite ZTNA user portal.