Description: The customer has set up SAML with GSuite, and everything works except getting the Group Mapping.
Resolution: The Groups of GSuite are not available in the Google Directory attributes, an alternative way to use is using ex. Department of Employee details from Google.
You can refer to the below sample screenshots of GSuite attributes and OpenVPN Cloud Attributes which you can find from your GSuite Admin Console > Apps > Web and mobile apps > choose the created SAML for OpenVPN Cloud > SAML attribute mapping > Add Mapping > Department: Group
From your OpenVPN Cloud Portal > Settings > User Authentication > Edit > SAML > View Attribute Mapping > Attribute Mapping > Group : Department(see below of sample screenshot)
From the example below, the GSuite User is part of Department 'Admin', which you can find your Employee Information from your GSuite Admin Console > Directory > Users > choose the user > User Information > Employee Information > Department, and from your OpenVPN Cloud you can map It to your own OpenVPN Cloud Groups by going to your OpenVPN Cloud Portal > Settings > User Authentication > Edit > SAML > View Group Mapping > Add Rule(see below of sample screenshots).
Comments
0 comments
Please sign in to leave a comment.