< Back
You are here:

HOW TO CONFIGURE OCTOPUS AUTHENTICATOR FOR GOOGLE G-SUITE

This page shows you how to add multifactor authentication to your Google G-Suite using the Octopus Authenticator to gain more control and security over how users log into your network.

  • Login to Octopus Authenticator Console
  • Select Services from the left pane
  • Select Add Service
  • Click G-Suite service template

 


Tab 1 – General Information

The following fields and values are displayed

Fields name

Fields Value

Service name

Google G Suite (default)

Issuer

Google (default)

Description

Service status

Enable (default)

Display icon

Login page URL

<https://<Enterprise Base URL>/google-saml/<No.>/login>

Note: Secret Double Octopus recommendation is to leave the default field values as is.

 


Tab 2 – Parameters    

The following fields and values are displayed

Field name

Field value

Login

email

G Suite email         

email

G Suite domain

Domain name

+Add additional parameter

Do not add any parameters

 


Tab 3 – Sign On

The following fields and values are displayed

Field name

Field value

Multi Factor Authentication (MFA)

Off (default)

Sign-on Method

SAML 2.0

X.509 Certificate

 

SAML signature algorithm

SHA-1 (default)

Single Sign On (SSO)

Off (default)

Issuer URL

http://<Enterprise base URL>/google-saml/<No.>

SAML 2.0 Endpoint (HTTP)

http://<Enterprise base URL>/google-saml/login

Custom message

Note: Secret Double Octopus recommendation is to leave the default field values as displayed.

 


Step 4 – Users

To configure the users of the service

  • Select users from either “Local Users” or “LDAP Users” lists
  • You can select either:
    • A group of users to import, by clicking on the dot next to one of the folders
    • An individual user to import, by clicking on the dot next to that user

The corresponding dot will then be colored blue. When you select only some of the users in the group, the dot adjacent to the group will be colored partially.

After you click SAVE SETTINGS, the selected users will be enrolled in the service.

  • Click SAVE SETTINGS

 


Set up SSO for G-Suite account using Octopus Authenticator Identity Provider

  • Login to your Google G Suite Admin account
  • Select Security

Under “Security” page Select Set up single sign-on (SSO)

  • Under “Set up single sign-on” page Select option 2 Setup SSO with third party identity provider


 

[Back to Secret Double Octopus Management Console]

To retrieve the parameters:

  • Select Services from the left pane
  • Select Google G Suite service
  • In the Sign On tab copy the SAML 2.0 Endpoint (HTTP) value

Retrieve the certificate file by clicking DOWNLOAD under X.509 Certificate.


 

[Back to Amazon Web Services Web Page]

Fill out the following parameters with that SAML 2.0 Endpoint value:

  • Sign in page URL
  • Sign out page URL

Do not enter a password page URL

Select that downloaded certificate file in Verification Certificate.