cyberexplorer
New Contributor II

FortiAuthenticator OAUTH - Google Workspace not working

Hello team, 

 

I have been trying to configure FortiAuthenticator as an IDP proxy for Google Workspace for a few days now. Unfortunately, Fortinet only has full documentation on how to do it with Azure, but only half the documentation for Google Workspace.

 

I am stuck at the point where, when I configure my service account in GCP following this procedure https://support.google.com/a/answer/7040511?hl=en&ref_topic=4498019&sjid=3081473869943439631-NA#step...

 

The SAML groups don't synchronise from Google Workspace to FortiAuthenticator. Does anyone here have a procedure or documents, or know how to make OAuth work between FortiAuthenticator and Google Workspace?

 

rbraha
Staff

Hi @cyberexplorer 

 

Please refer to the documentation below regarding configuration of the FAC side as SAML IDP with Google Workspace:

 

https://docs.fortinet.com/document/fortiauthenticator/6.5.0/cookbook/333771/saml-idp-proxy-for-googl...

cyberexplorer

Hello @rbraha ,

 

I have been following this doc for the last 2 days. This doc is OK for FortiAuthenticator, but it does not help me with the Google Workspace side. The doc does not show how to configure things (SAML, OAuth, service account, attribute mapping) on the Google Workspace side.

 

Do you have any doc on that?

rbraha

Hi @cyberexplorer 

Please check with the Google support side if they can provide some documentation about this configuration.

cyberexplorer

Hi @rbraha, with all due respect, as a vendor of a product, it is your responsibility to provide guidance on how to integrate with officially supported third-party products mentioned in your documentation and datasheets.

If Fortinet had not mentioned that FortiAuthenticator was officially supported as an IDP proxy with Google Workspace, I would have understood and I would not have expected any documentation. But since it is mentioned officially, I expect complete documentation.

 

For example, Fortinet made this amazing video on how to configure FortiAuthenticator as an IDP proxy with Azure https://www.youtube.com/watch?v=UymIqkaVRqw&t=301s

 

This is exactly what I am trying to achieve with Google Workspace. Do you have something similar to this YouTube video that would guide me to configure Google Workspace like it was done for Azure?

AndryanVT
New Contributor

Hello,

 

Have you had any success with this?

I faced the same problem, with no guidance on the service account creation on Google that satisfies the FortiAuthenticator requirement.

 

Thanks

cyberexplorer
New Contributor II

Yes, it is working now. I found the solution.

You need to connect your FortiAuthenticator with LDAPS to Google Workspace; from there you can sync all your identities. https://docs.fortinet.com/document/fortiauthenticator/6.5.0/cookbook/442690/google-workspace-integra...

Once you have that, you need to configure Workspace as an SP to your FAC, which will be the IDP. https://www.ultraviolet.network/post/configuration-guide-fortiauthenticator-as-google-workspace-saml...

From there you can inject your FortiTokens.
