[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-07 UTC."],[[["\u003cp\u003eThis guide explains how to configure Google Workspace for Single Sign-On (SSO) authentication with the Google Security Operations SOAR platform.\u003c/p\u003e\n"],["\u003cp\u003eConfiguration in Google Workspace involves creating a custom SAML app, entering specific URLs and IDs, and mapping user attributes like email.\u003c/p\u003e\n"],["\u003cp\u003eSOAR platform configuration requires creating a custom SAML provider, uploading the Google Workspace metadata, and specifying the Google Workspace Identifier and ACS URL.\u003c/p\u003e\n"],["\u003cp\u003eUsers should note that this configuration guide applies exclusively to standalone SOAR platform customers.\u003c/p\u003e\n"]]],[],null,["SAML configuration for Google Workspace \nSupported in: \n[SOAR](/chronicle/docs/secops/google-secops-soar-toc)\n\n\u003cbr /\u003e\n\n| **Note:** This document is for customers using the standalone SOAR platform only.\n\n\u003cbr /\u003e\n\nThis document explains how to configure Google Workspace for authentication and how to configure the Google Security Operations SOAR platform to support this.\n\nConfigure Google Workspace for single sign-on (SSO)\n\n1. Navigate to the [Google Admin Portal](https://admin.google.com/u/5/?pli=1).\n2. Select Apps. \n[](/static/chronicle/images/soar/samlgw1.png)\n3. Click on Web and mobile apps. Select Add custom SAML app from the drop-down Add App menu. \n[](/static/chronicle/images/soar/samlgw2.png)\n4. Enter the New Name of App and upload an App icon. Then click Continue. \n[](/static/chronicle/images/soar/samlgw3.png)\n5. In the Google IdP Information screen, click **Next** . \n[](/static/chronicle/images/soar/samlgw4.png)\n6. In the Service Provider Details screen, enter the following information:\n - ACS URL: https://{your_siemplify_server_IP_address}/Saml2/Acs\n - Entity ID: https://{your_siemplify_server_IP_address}/Saml2\n - Click **Next** . \n7. In the Attribute Mapping screen, click **Add New Mapping** . \n8. Set the Primary email to **email** . \n[](/static/chronicle/images/soar/samlgw7.png)\n9. Make sure that the Service Status Button is on. \n[](/static/chronicle/images/soar/samlgw8.png) \n\nThe following is an example of SAML functioning properly: \n[](/static/chronicle/images/soar/samlgw9.png)\n\nConfigure Google Workspace in Google SecOps SOAR\n\n1. Navigate to **Settings \\\u003e Advanced \\\u003e\n External Authentication**.\n2. Create a new custom SAML provider.\n3. In the **Provider Type** menu, select **G Suite**.\n4. In the **Provider Name** field, enter any name you want. For example, `mycompany_workspace`.\n5. Return to the Google Workspace app that you created and select **Download Metadata**.\n6. In the dialog that opens, click **Download Metadata** and save the information.\n7. In the Google SecOps SOAR platform, in the **IdP Metadata** field, click **Upload** to upload the metadata you just downloaded.\n8. Return to the Google Workspace app, expand **Service provider details** , and click **Manage Certificates**.\n9. In the **SAML Certificates** dialog that appears, under the **Google Identity Provider Details** heading, locate the **Entity ID** field and copy its contents. Make sure not to mistakenly copy over contents from the **Entity ID** field that is located in the main **Service provider details** page.\n10. In the Google SecOps SOAR platform, paste the contents into the **Identifier** field.\n11. Return to the Google Workspace app, and expand **Service Provider\n details** . Locate the **ACS URL** field and copy its contents.\n12. In the Google SecOps SOAR platform, paste the contents into the **ACS URL** field. Make sure to remove the trailing \"/Acs\" at the end of the URL.\n13. Click **Save**.\n\nFor more information, see [External Authentication.](/chronicle/docs/soar/admin-tasks/saml-soar-only/external-authentication)\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
