Google Workspace SSO
RoboForm Single Sign On (SSO) integration allows users to be automatically signed in to RoboForm without needing to use a Master Password. Instead, the user will be redirected to the Google Workspace authentication portal, where they will be able to verify their identity through Google.
This article will cover how to enable SSO integration through Google Workspace, additional documentation from Google's help center may be useful as an additional reference point during this process and can be found here.
Integrate RoboForm with Google Workspace
1) Log into the Google Workspace cloud console here.
2) Make sure the relevant project is selected.
3) Navigate to APIs & Services
4) Click on Enable APIs & Services
5) Search for Google Drive API and enable it
6) From the main menu in the upper-left corner, select APIs & Services >OAuth consent
screen
7) Select Clients
8) Click on ‘Create client’
9) Select Application type > Web application
10) Enter a relevant name for the application
11) Next to ‘Authorized JavaScript origins’ click on ‘Add URI’
Add the following URIs:
https://ljfpcifpgbbchoddpjefaipoiigpdmag.chromiumapp.org/
https://pnlccmojcmeohlpggmfnbbiapkmbliob.chromiumapp.org/
Optional (for EU server only):
12) Next to ‘Authorized redirect URIs’ click on ‘Add URI’ add the following URIs
Add the following URIs:
http://localhost:42019/oidc-callback
http://localhost:42020/oidc-callback
http://localhost:42021/oidc-callback
https://online.roboform.com/oidc-callback
https://pnlccmojcmeohlpggmfnbbiapkmbliob.chromiumapp.org/oidc-callback
https://ljfpcifpgbbchoddpjefaipoiigpdmag.chromiumapp.org/oidc-callback
Optional (for EU server only):
https://accounts.roboform.eu/oidc-callback
13) Click ‘Create’
14) Copy the ‘Client ID’ value somewhere, as it will be used later when setting up integration within the
RoboForm Admin Center
15) Click OK
16) Navigate to ‘Data access’
17) Click on ‘Add or remove scopes’
18) Find and add the following 6 scopes, then click the Update button
|
Scope |
User-facing description |
|---|---|
| .../auth/userinfo.email | See your primary Google Account email address |
| .../auth/userinfo.profile | See your personal info, including any personal info you've made publicly available |
| openid | Associate you with your personal info on Google |
| .../auth/drive.file | See, edit, create, and delete only the specific Google Drive files you use with this app |
| .../auth/drive.appdata | See, create, and delete its own configuration data in your Google Drive |
| .../auth/drive.install | Connect itself to your Google Drive |
19) Click Save button in the bottom to save changes
20) Log in to the RoboForm company administrator at https://online.roboform.com
21) Navigate to the Integrations tab
22) Select ‘Google Workspace / G Suite’
23) Navigate to the “Single Sign-On (SSO)” tab, fill the relevant Web Application ID and Desktop Application ID fields, and click Next
24) Select which users will have SSO enabled:
No one - This option will complete the SSO integration but will not activate it for any users.
All Users and Groups - This option will enable SSO for all users in the company.
Selected Groups - This option will enable SSO for users in specified groups.
This setting can be changed after the setup is complete.
When ready, click Activate SSO Integration, this will open a prompt for final confirmation to complete RoboForm's integration with Google Workspace.
SSO integration has now been configured for Google Workspace. All users that this functionality has been assigned to can begin signing in to RoboForm using SSO.
IMPORTANT USAGE NOTES:
In order to correctly setup or login using SSO, the user must be logged into their Google account
in Chrome. Otherwise, Chrome will initiate profile change procedures that can break the
sequence causing "Bad request" errors.
Comments
0 comments
Article is closed for comments.