Skip to content
English
Contact Support
  • There are no suggestions because the search field is empty.

Onboarding Users onto Dune Security from Google Workspace

Complete service account creation, SSO setup, API scopes configuration, and SCIM provisioning.

Overview

Integrating Dune Security with Google Workspace enables robust identity management, supporting user provisioning, SSO, and enhanced security controls.

Pre-Session Requirements

Before you begin the integration, ensure that you have:

  • Admin access to Google Workspace.
  • Admin access to your Dune Security account.
  • The necessary API tokens and credentials for both platforms.

Step-by-Step User Onboarding

1. Create a Service Account in Google Cloud

  1. Log in to Google Cloud Console

  2. Create a New Project

    • Select or create a new project for the service account.

  3. Enable Admin SDK API

    • Navigate to APIs & Services > Library.
    • Search for "Admin SDK" and enable it.
    • Go to IAM & Admin > Service Accounts.
    • Click Create Service Account and provide a name and description.
    • Click Create and Continue, then assign Service Account Admin and Service Account User roles.
    • Click Done.

      Create a Service Account

2. Configure Domain-Wide Delegation

  1. Enable Domain-Wide Delegation

    • In Google Cloud Console, navigate to IAM & Admin > Service Accounts.
    • Select the service account and click Edit.
    • Check Enable G Suite Domain-wide Delegation and save the changes.

  2. Authorize API Scopes

    • Go to the Google Admin Console at admin.google.com.
    • Navigate to Security > API Controls > Manage Domain-Wide Delegation.
    • Click Add New and enter your service account’s Client ID (found as the Unique ID in the Service Account).
    • Add the following OAuth scopes:
      • https://www.googleapis.com/auth/admin.directory.group
      • https://www.googleapis.com/auth/admin.directory.user
    • Authorize the scopes.
  3. Generate a JSON Key
    • On the Service Accounts page, select the new service account.
    • Go to the Keys tab and click Add Key > Create New Key.
    • Select JSON and click Create. Save the JSON file securely as it will be needed later.

3. Configure Dune Security to Use Google Workspace Service Account

  1. Log in to the Dune Security Admin Console

    • Navigate to your Dune Security admin console and sign in.

  2. Add Google Workspace Integration

    • Go to the Integrations section and select Google Workspace from the list of available integrations.
    • Upload the JSON key file you generated earlier and save the configuration.

4. Set Up and Configure Single Sign-On (SSO) with Google Workspace

  1. Access the Google Admin Console

    • In the Google Admin Console, navigate to Apps > Web and mobile apps.

  2. Create a New Application

    • Click Add app > Add custom SAML app.
    • Enter Dune Security as the app name and click Continue.

  3. Configure SSO Settings in Dune Security

    • In a separate window, sign in to the Dune Security admin console and navigate to SSO Settings.

  4. Add SAML Certificates

    • In the Google Admin Console, manually enter the following into the Dune Security platform:
      • SSO URL
      • Entity ID
      • Certificate
    • Add your email domains and click Submit.

  5. Complete Basic SAML Configuration

    • Use the following values provided by Dune Security:
      • ACS URL (Assertion Consumer Service URL): Provided in Application Details.
      • Entity ID: Provided under Application Details in Dune Security.
      • Start URL: https://dune.security/login/
    • Click Continue, then Submit.

  6. Finalize the SSO Setup

    • Download the SAML metadata file from the Google Admin Console and upload it to the Dune Security admin console to complete the configuration.

Post-Setup Verification

1. Test SSO Login

  • Navigate to the Dune Security login page and select the Google Workspace SSO option to ensure that users can log in via Google Workspace.

2. Verify User Provisioning

  • Check the Dune Security admin console to confirm that users and groups from Google Workspace are correctly provisioned.

3. Monitor and Troubleshoot

  • Regularly monitor the integration logs in both Google Workspace and Dune Security for potential issues.
  • Contact Dune Security Support for troubleshooting or additional assistance.

Next Steps

Before launching your Baseline Risk Assessment, ensure you have implemented DMI to guarantee seamless email delivery to your users' inboxes. Refer to the DMI through Google Workspace guide for details.

Support and Assistance

If you encounter any issues or need further assistance during the integration process, please reach out to Dune Security Support:

Email: support@dune.security

By following these steps, your integration between Google Workspace and Dune Security will be successfully completed, ensuring streamlined onboarding and enhanced security for your organization.