Single Sign-On (SSO) Connection Task for HENNGE Access Control and Google Workspace (Modern View)

Target

Customers who configure Single Sign-On (SSO) for HENNGE Access Control and Google Workspace are targeted.

Purpose

Configure Single Sign-On (SSO) for HENNGE Access Control and Google Workspace to perform login to Google Workspace from HENNGE Access Control.

Precautions

1. At the time of performing the steps in this article, the login screen of Google Workspace will change to HENNGE Access Control.

2. Information (username & password) of the HENNGE Access Control administrator account is required.

3. Information (username & password) of the privileged administrator account of the Google Workspace tenant is required.

4. Google Workspace accounts with privileged administrator privileges are excluded from Single Sign-On (SSO).
https://support.google.com/a/answer/6341409?hl=en-us

5. Before performing this operation, always ensure that a user with the same email address exists in both Google Workspace and HENNGE Access Control.
    If the email addresses do not match, or if the user does not exist in one of them, the user will not be able to log in to Google Workspace.

6. Depending on your contract, there may be some differences between the screenshot displayed and the actual product screen.

7. The content of this article is based on the product content as of April 2024, and may be changed without prior notice thereafter.

Detailed Steps & Explanation

1. Server Certificate Download

1.1. Access [ Connected Services ] in the left menu of the HENNGE Access Control management screen.

1.2. Select display name [ Gmail ].

1.3. Select [ Metadata ] on the top right corner.

1.4. Select [ Download ] for the SAML Signing Certificate and download the certificate file (.crt) to your device.

2. Enable Service Provider Settings in Access Policy Group

In the Access Policy Group to which users using Google Workspace belong, check the item [ Gmail ] and select [ Change ].
※ If you proceed without checking this box, you will encounter a 404 error during single sign-on.

3. Confirm the input details on the Single Sign-On (SSO) settings screen

Normally, the input details when configuring Single Sign-On (SSO) for Google Workspace and HENNGE Access Control are listed in advance on the document provided by the HENNGE One installation personnel/support point, HENNGE One Connection Setup Sheet.

4. API Client Registration

If the following steps have not yet been performed, please proceed with them.

Setting API authorization for user provisioning (Google Workspace)

5. Configuration of Single Sign-On (SSO)

5.1. Access the Google Workspace Admin Console and click [Overview] in [ Security ].

5.2. Inside the [ Security ] menu, click [ Set up single sign-on (SSO) with a third party IdP ].

5.3. Click on [ SSO profile for your organization ] within the menu [ Third-party SSO profile for your organization ].

5.4. Check the box [ Set up SSO with third-party identity provider ].

5.5. Enter the [ Single Sign-On (SSO) settings ] details as guided by HENNGE.

Example of setting strings (values vary by customer)

・Login page URL

https://ap.ssso.hdems.com/portal/example.com/login/

・Logout page URL

https://ap.ssso.hdems.com/portal/example.com/logout/

・Password change URL

https://ap.ssso.hdems.com/portal/example.com/login/

Screenshot 2024-06-26 at 19.09.56.png

5.6. Upload the certificate downloaded in [ 1. Server Certificate Download ] of this article.

5.7. Check the box [ Use a domain specific issuer ].

5.8. Click [ Save ].

5.9. Verify that the Single Sign-On (SSO) has been completed successfully.

Follow the content of the following article to verify that the Single Sign-On (SSO) has been completed successfully.

Verification of Single Sign-On (SSO) between HENNGE Access Control and Google Workspace

5.10. Inform the HENNGE One installation personnel that the Single Sign-On (SSO) has been completed.

Once the Single Sign-On (SSO) settings are complete and verified to be functioning correctly, contact the HENNGE One installation personnel.

Reference Articles

          
Was this article helpful?