mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-15 15:34:56 +03:00
mukul975
44 lines
1.3 KiB
Markdown
44 lines
1.3 KiB
Markdown
# Google Workspace SSO Implementation Template
|
|
|
|
## Configuration Details
|
|
|
|
| Setting | Value |
|
|
|---------|-------|
|
|
| Google Workspace Domain | |
|
|
| ACS URL | `https://www.google.com/a/{domain}/acs` |
|
|
| Entity ID | `google.com/a/{domain}` |
|
|
| IdP Name | Okta / Azure AD / ADFS / Other |
|
|
| IdP SSO URL | |
|
|
| IdP Sign-out URL | |
|
|
| Certificate Expiry | |
|
|
|
|
## Pre-Implementation Checklist
|
|
|
|
- [ ] Google Workspace Super Admin access confirmed
|
|
- [ ] IdP SAML application created for Google Workspace
|
|
- [ ] IdP signing certificate exported (X.509 PEM)
|
|
- [ ] User attributes mapped (NameID = email)
|
|
- [ ] Test users assigned in IdP
|
|
- [ ] Break-glass Super Admin account identified (bypasses SSO)
|
|
|
|
## Testing Results
|
|
|
|
| Test Case | Result | Notes |
|
|
|-----------|--------|-------|
|
|
| SP-initiated SSO (from Google login) | Pass/Fail | |
|
|
| IdP-initiated SSO (from IdP portal) | Pass/Fail | |
|
|
| User not in IdP (access denied) | Pass/Fail | |
|
|
| Sign-out flow | Pass/Fail | |
|
|
| Super Admin bypass | Pass/Fail | |
|
|
| MFA enforcement at IdP | Pass/Fail | |
|
|
| Clock skew tolerance | Pass/Fail | |
|
|
|
|
## Rollout Plan
|
|
|
|
- [ ] Phase 1: IT team pilot (1 week)
|
|
- [ ] Phase 2: Engineering department (1 week)
|
|
- [ ] Phase 3: All organizational units
|
|
- [ ] User communication sent
|
|
- [ ] Help desk trained
|
|
- [ ] Monitoring configured for auth failures
|