Hello team,
I have been trying to configure FortiAuthenticator as an IDP proxy for google workspace for a few days now. Unfortunately, Fortinet only has a full documentation on how to do it with Azure. But only half documentation for Google Workspace.
I am stuck at the point where, when I configure my service account in GCP following this procedure https://support.google.com/a/answer/7040511?hl=en&ref_topic=4498019&sjid=3081473869943439631-NA#step...
The SAML groups don't synchronise from Google workspace to FortiAuthenticator. Does anyone here have a procedure, documents of knows how to make Oauth work between FortiAuthenticator and google workspace?
Please refer to the below documentation regarding configuration of FAC side as Saml IDP with Google Workspace
Created on 01-08-2024 08:32 AM Edited on 01-08-2024 08:33 AM
Hello @rbraha ,
I have been following this doc for the last 2 days. This docs is ok for FortiAuthenticator, but it does not help me for the google workspace side. The doc does not show how to configure things (SAML, Oauth, Service account, attribute mapping) on the google workspace side.
Do you have any doc on that?
Please check with google support side if they can provide some documentation about this configuration.
Hi @rbraha , with all due respect, as a vendor of a product, it is your responsibility to provide guidance on how to integrate with officially supported third party products mentioned in your documentations and datasheets.
If Fortinet had not mentioned that FortiAuthenticator was officially supported as an IDP proxy with google workspace I would have understand and I would have not expected any documentations. But since it is mentioned officially, I expect complete documentation.
For example, Fortinet made this amazing video on how to configure FortiAuthenticator as an IDP proxy with Azure https://www.youtube.com/watch?v=UymIqkaVRqw&t=301s
This is exactly what I am trying to achieve with google workspace. Do you have something similar to this youtube video that would guide me to configure google workspace like it was done for Azure?
Hello,
Do you have any success on this?
I faced the some problem with no guidance on the service account creation on Google that satisfy the FortiAuthenticator requirement
Thanks
Yes it is working now, I found the solution.
You need to connect your FortiAuthenticator with LDAPS to Google workspace, from there you can sync all your identities. https://docs.fortinet.com/document/fortiauthenticator/6.5.0/cookbook/442690/google-workspace-integra...
Once you have that, then you need to configure Workspace as an SP to your FAC that will be the IDP. https://www.ultraviolet.network/post/configuration-guide-fortiauthenticator-as-google-workspace-saml...
From there you can inject your FortiTokens.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.