habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
752796a6d7d7b89c3deab6dfda110857ef96ea25
authentik/website/docs/add-secure-apps/providers/gws/add-gws-provider.md
Tana M Berry 6d5172d18a website: latest PR for new Docs structure (#11639) 
* first pass

* dependency shenanigans

* move blueprints

* few broken links

* change config the throw errors

* internal file edits

* fighting links

* remove sidebarDev

* fix subdomain

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix relative URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix mismatched package versions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api reference build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test tweak

* links hell

* more links hell

* links hell2

* yep last of the links

* last broken link fixed

* re-add cves

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add devdocs redirects

* add dir

* tweak netlify.toml

* move latest 2 CVES into dir

* fix links to moved cves

* typoed title fix

* fix link

* remove banner

* remove committed api docs

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* integrations: remove version dropdown

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Update Makefile

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* change doc links in web as well

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix some more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* ci: require ci-web.build for merging

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Revert "ci: require ci-web.build for merging"

This reverts commit b99a4842a9.

* remove sluf for Application

* put slug back in

* minor fix to trigger deploy

* Spelled out Documentation in menu bar

* remove image redirects...

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove explicit index.md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove mdx first

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* then remove .md

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add missing prefix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-10-09 09:33:40 -05:00

3.4 KiB
Raw Blame History

title
title
Create a Google Workspace provider

Enterprise

:::info This feature is in technical preview, so please report any bugs on GitHub. :::

For more information about using a Google Workspace provider, see the Overview documentation.

Prerequisites

To create a Google Workspace provider in authentik, you must have already configured Google Workspace to integrate with authentik.

:::info When adding the Google Workspace provider in authentik, you must define the Backchannel provider using the name of the Google Workspace provider that you created in authentik. If you have also configured Google Workspace to log in using authentik following these, then this configuration can be done on the same app. :::

Create the Google Workspace provider in authentik

  1. Log in as an admin to authentik, and go to the Admin interface.

  2. In the Admin interface, navigate to Applications -> Providers.

  3. Click Create, and select Google Workspace Provider, and in the New provider modal box, define the following fields:

    • Name: define a descriptive name, such as "GWS provider".

    • Protocol settings

      • Credentials: paste the contents of the JSON file you downloaded earlier.
      • Delegated Subject: enter the email address of the user all of authentik's actions should be delegated to
      • Default group email domain: enter a default domain which will be used to generate the domain for groups synced from authentik.
      • User deletion action: determines what authentik will do when a user is deleted from authentik.
      • Group deletion action: determines what authentik will do when a group is deleted from authentik.

    • User filtering

      • Exclude service accounts: set whether to include or exclude service accounts.
      • Group: select any specific groups to enforce that filtering (for all actions) is done only for the selected groups.

    • Attribute mapping

      • User Property Mappings: select any applicable mappings, or use the default.
      • Group Property Mappings: select any applicable mappings, or use the default.

  4. Click Finish.

Create a Google Workspace application in authentik

  1. Log in as an admin to authentik, and go to the Admin interface.

  2. In the Admin interface, navigate to Applications -> Applications. :::info If you have also configured Google Workspace to log in using authentik following these, then this configuration can be done on the same app by adding this new provider as a backchannel provider on the existing app instead of creating a new app. :::

  3. Click Create, and in the New provider modal box, and define the following fields:

    • Slug: enter the name of the app as you want it to appear in the URL.
    • Provider: when not used in conjunction with the Google SAML configuration should be left empty.
    • Backchannel Providers: this field is required for Google Workspace. Select the name of the Google Workspace provider that you created in the steps above.
    • UI settings: leave these fields empty for Google Workspace.

  4. Click Finish.