Integrating with Google Cloud

You can integrate Google Cloud with the Jamf Protect web app to use single sign-on (SSO) with your organization's Google credentials.

Integrating with Google involves the following steps:

  1. Create a SAML app for your Jamf Protect web app in Google Workspace.

  2. Connect your app registration with your Jamf Protect tenant. This is done by your Jamf Customer Success Manager.

Creating a SAML App in Google Workspace

Requirements

A Google Workspace administrator account

  1. Sign in to your Google Workspace using your administrator account.
  2. Navigate to the Admin console homepage and go to Apps > SAML apps.
  3. Click Add App > Add custom SAML app.
  4. Name your app Jamf Protect or something similar.
  5. Download or copy the IdP metadata.
    Note:

    This information must be provided to Jamf to finish the SSO setup

  6. Depending on your region, enter the following in the ACS URL:
    Note:

    The <ConnectorName> variable in each value must be in the following format: tenantname-protect-jamfcloud-com

    To create this value, replace the periods in your Jamf Protect tenant URL (tenantname.protect.jamfcloud.com) with hyphens.

    • UShttps://auth.protect.jamfcloud.com/login/callback?connection=<ConnectorName>
    • EUhttps://eu-auth.protect.jamfcloud.com/login/callback?connection=<ConnectorName>
    • APAChttps://au-auth.protect.jamfcloud.com/login/callback?connection=<ConnectorName>
  7. Depending on your region, enter the following in the Entity ID field:
    • USurn:auth0:jamf:<ConnectorName>
    • EUurn:auth0:eu-jamf:<ConnectorName>
    • APACurn:auth0:au-jamf:<ConnectorName>
  8. Enter EMAIL in the Name ID field.
  9. Skip the Attributes pane and click Finish.

You can now add users using the User Access pane in your Jamf Protect SAML app and contact your Jamf Customer Success Manager to connect Jamf Protect with your Google Workspace domain.

Connecting your SAML App to your Jamf Protect Tenant

After you have created your registered app, you must supply the following values to your Jamf Customer Success Manager, who will connect your Google Workspace domain with your Jamf Protect tenant:

  • Google Workspace domain

  • IdP metadata file or copied metadata values (SSO URL, Entity ID, Certificate)

After sign-in with Google is enabled, navigate to your Jamf Protect tenant URL and confirm that the Google sign-in window appears.