This article details both how to configure Google Workspace for authentication and how to configure the Google Security Operations SOAR platform to support this.
Configure Google Workspace for single sign-on (SSO)
1. Navigate Google Admin Portal
2. Select "Apps"
3. Click "Web and mobile apps" and select "Add custom SAML app" from the drop-down "Add App" menu
4. Enter the new name of App and upload an App icon. Then click "Continue"
5. In the Google IdP Information screen at this stage, open new tab in your browser and go to Settings > System Settings > Integrations >SAML via Starling portal
- Select the vendor type as "Google"
- Select the status as "Active"
- Enter the Entity ID key in the Enterprise Identifier field
- Enter the SSO URL key in the Login URL field
- Enter the desired URL in the Logout URL section
- Enter the Certificate key in the Certificate section
- Click "Save"
- Close this page and reopen it
- Then navigate to the Google IdP Information screen and click "Next"
6. The system will automatically generate Entity ID, Reply URL, Sign URL, and Logout URL keys
7. In the "Service Provider Details" screen, input the following information:
- ACS URL > Reply URL (from Starling SAML Modal)
- Entity ID > Entity ID (from Starling SAML Modal)
- Start URL > Sign URL (from Starling SAML Modal)
- Click "Next"
8. On the "Attribute Mapping" page, click "ADD MAPPING"
9. Set the Primary email as "email" and click "Finish"
10. Navigate to the application detail page and input user access details
11. Select the "ON for everyone" service status option and click "Save"
12. On the "User Access Detail" page, there is an option to add group membership for certain users who can use SAML access. (OPTIONAL)
13. Access the Starling login page and click "Corporate Login"
14. Enter your email address (*) It must be a registered email address on Starling
15. Click the Google button (If there is only one SAML vendor type for the tenant, it will directly redirect to the vendor page. You may not see this page)
16. Redirect to the Google login page and select your entered account
17. If your login information is correct, Google will redirect you to the Starling Dashboard page
Important Note: Pre-requisites for SAML Login
Before attempting to log in with SAML, please ensure the following:
-
(*) Starling Dashboard User Existence
Your email address, which you intend to use for SAML login, must be registered and exist in the Starling portal
You may create users under Management > Users
Comments
0 comments
Article is closed for comments.