diff --git a/src/pages/kb/user-guide/users/authentication-options.md b/src/pages/kb/user-guide/users/authentication-options.md index 4041d23c2..b04e9dc2e 100644 --- a/src/pages/kb/user-guide/users/authentication-options.md +++ b/src/pages/kb/user-guide/users/authentication-options.md @@ -134,3 +134,31 @@ Within Redash, use the following config: These changes were drawn from our [user forum](https://discuss.redash.io/t/auth0-integration/586/5). + +### How to Configure Google Workspace on Self Hosted Redash + +***This was tested on Redash version 10.0.0 (9c928bd1)*** + +1. In the Google workspace admin console go to `Apps` > `Web and mobile apps` +2. Add a Custom SAML app. +3. Add an App Name and, an icon and click on the Continue. +4. Copy the `SSO URL` the `Entity ID` and the `Certificate` (***Make sure you copy only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***) +5. Click continue. +6. In the `ACS URL` enter `https:///saml/callback?org_slug=default` +7. In the `Entity Id` enter `https:///saml/callback?org_slug=default` +8. Change the `Name ID format` to be `Email` and the `Name ID` to be `Basic Information > Primary email` and click on the continue +9. Add Mapping Attribute: + +| Google Directory attributes | App attributes | +| -------------------------------| -------------- | +| Baisc Information > First Name | FirstName | +| Baisc Information > Last Name | LastName | + +10. Click on Finish. +11. Under the application `User access` enable the app for the users / group you would like to have access to your Redash. +12. In Redash go to the `Settings` and click on the `General` tab. +13. Under in the `SAML Enabled` radio button select `Enabled (Static)` +14. In the `SAML Single Sign-on URL` textbox enter the `SSO URL` you copied from Google +15. In the `SAML Entity ID` textbox enter the `Entity ID` you copied from Google +16. In the `SAML x509 cert` textbox enter the `Certificate` you copied from Google (***Make sure you enter only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***) +17. Click on the Save button.