Preface
This document describes the configurations required for SAML2.0 integration between the Octopus Authenticator and G-suite service
Octopus Authenticator Saml2.0 Service Configuration
- Login to Octopus Authenticator Console
- Select Services from the left pane
- Select Add Service
- Click G-Suite service template
Tab 1 – General Information
The following fields and values are displayed
Fields name | Fields Value |
Service name | Google G Suite (default) |
Issuer | Google (default) |
Description | |
Service status | Enable (default) |
Display icon | |
Login page URL | <https://<Enterprise Base URL>/google-saml/<No.>/login> |
Note: Secret Double Octopus recommendation is to leave the default field values as is.
Tab 2 – Parameters
The following fields and values are displayed
Field name | Field value |
Login | |
G Suite email | |
G Suite domain | Domain name |
+Add additional parameter | Do not add any parameters |
Tab 3 – Sign On
The following fields and values are displayed
Field name | Field value |
Multi Factor Authentication (MFA) | Off (default) |
Sign-on Method | SAML 2.0 |
X.509 Certificate | |
SAML signature algorithm | SHA-1 (default) |
Single Sign On (SSO) | Off (default) |
Issuer URL | http://<Enterprise base URL>/google-saml/<No.> |
SAML 2.0 Endpoint (HTTP) | http://<Enterprise base URL>/google-saml/login |
Custom message |
Note: Secret Double Octopus recommendation is to leave the default field values as displayed.
Step 4 – Users
To configure the users of the service
- Select users from either “Local Users” or “LDAP Users” lists
- You can select either:
- A group of users to import, by clicking on the dot next to one of the folders
- An individual user to import, by clicking on the dot next to that user
The corresponding dot will then be colored blue. When you select only some of the users in the group, the dot adjacent to the group will be colored partially.
After you click SAVE SETTINGS, the selected users will be enrolled in the service.
- Click SAVE SETTINGS
Set up SSO for G-Suite account using Octopus Authenticator Identity Provider
- Login to your Google G Suite Admin account
- Select Security
Under “Security” page Select Set up single sign-on (SSO)
- Under “Set up single sign-on” page Select option 2 Setup SSO with third party identity provider
[Back to Secret Double Octopus Management Console]
To retrieve the parameters:
- Select Services from the left pane
- Select Google G Suite service
- In the Sign On tab copy the SAML 2.0 Endpoint (HTTP) value
Retrieve the certificate file by clicking DOWNLOAD under X.509 Certificate.
[Return to G-Suite Security Configuration Page]
Fill out the following parameters with that SAML 2.0 Endpoint value:
- Sign in page URL
- Sign out page URL
Do not enter a password page URL
Select that downloaded certificate file in Verification Certificate.