Google G Suite federated authentication service allows users to log in to G Suite using SAML (Security Assertion Markup Language) authentication.
SAML provides an open-standard for exchanging authentication and authorization information between parties, in particular, between an identity provider and a service provider. An identity provider (such as idQ Enterprise) is a service that manages user identities. Users who are authenticated by the identity provider can obtain a token to log in to G Suite.
idQ TaaS (Trust as a Service) provides a passwordless authentication for logging in to G Suite via SAML protocol. To be protected by idQ TaaS Platform, G Suite needs to be integrated with idQ Enterprise - a major component of idQ TaaS. idQ TaaS enables users to securely log in to G Suite by scanning idQ QR codes using an idQ Trusted Device. Authorization is performed by inBay’s idQ TaaS located on the Internet cloud.
This guide describes how to perform configuration to integrate G Suite with idQ Enterprise so that users can log in to G Suite through SAML authentication via idQ TaaS.
- G Suite account with administrative privileges.
- Need the Fully Qualified Domain Name (FQDN) of your organization's G Suite.
- Need the FQDN of your organization's idQ Enterprise.
- Verification certificate of idQ Enterprise for G Suite SAML assertion. Instructions to create this certificate are found in the G Suite - Configuration instructions section.
- G Suite SAML SP Metadata XML file for IdQ Enterprise. Instructions to create this certificate are found in the idQ Enterprise - Configuration of G Suite section.
- Set up Single Sign-On for G Suite Accounts Using Third-Party Identity Providers
- idQ User Guide
- User Guide - idQ Access for Android
- User Guide - idQ Access for iOS