eliott/authentik
1
0
Fork 0
mirror of https://github.com/goauthentik/authentik synced 2026-04-27 09:57:31 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e7fcfb7e67d5df3e8a8a5da170f18fa4c6b98731
authentik/website/docs/add-secure-apps/providers/gws/create-gws-provider.md
Teffen Ellis 6ed5cb5249 website/docs: Modal and wizard button labels (#21549) 
* website/integrations: rename "Create with Provider" to "New Application"

The application list page now uses a split-button labeled
"New Application" instead of the old "Create with Provider" dropdown.
Update all 113 integration guides to match.

* website/docs: update flow, stage, and policy button labels

- "Create" → "New Flow", "New Stage", "New Policy" for trigger buttons
- "Finish" → "Create Flow", "Create Stage", "Create Policy" for submit
- "Create and bind stage" → "New Stage" / "Bind Existing Stage"
- "Create" (binding submit) → "Create Stage Binding"

* website/docs: update provider button labels

- "Create" → "New Provider" for trigger buttons
- "Create with Provider" → "New Application" in RAC docs
- "Create" → "New Property Mapping", "New RAC Endpoint", "New Prompt"
  for related entity creation

* website/docs: update directory button labels

- "Create" → "New Source" for federation/social login pages
- "Create" → "New Role", submit → "Create Role"
- "Create" → "New Invitation"
- Policy binding submit → "Create Policy Binding"

* website/docs: update endpoint device and system management button labels

- "Create" → "New Endpoint Connector", "New Enrollment Token",
  "New Device Access Group", "New Flow"
- Submit → "Create Device Access Group"
- "Create" → "New Notification Rule", "New Notification Transport"
- Binding submit → "Create Policy Binding"

* Reorganize policy documentation

* website/docs: address policy docs review feedback

* post-rebase

* website/docs: Reorganize policy documentation -- Revisions (#21601)

* apply suggestions

* Fix escaped.

* Fix whitespace.

* Update button label.

* Fix phrasing.

* Fix phrasing.

* Clean up stragglers.

* Format.

---------

Co-authored-by: Dominic R <dominic@sdko.org>
2026-04-16 17:35:38 +00:00

53 lines
3.3 KiB
Markdown
Raw Blame History

---
title: Create a Google Workspace provider
authentik_enterprise: true
---
For more information about using a Google Workspace provider, see the [Overview](./index.md) documentation.
## Prerequisites
To create a Google Workspace provider in authentik, you must have already [configured Google Workspace](./configure-gws.md).
## Create a Google Workspace provider in authentik
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Providers** and click **New Provider**.
3. Select **Google Workspace Provider** as the provider type, then click **Next**.
4. On the **New Google Workspace Provider** page, set the following configurations:
- **Name**: provide a descriptive name (e.g. `GWS provider`)
- Under **Protocol settings**:
- **Credentials**: paste the contents of the JSON file that you downloaded when [configuring Google Workspace](./configure-gws.md)
- **Delegated Subject**: enter the email address of the Google Workspace user that all authentik actions will be delegated to
- **Default group email domain**: enter a domain which will be used to generate the email address for groups synced from authentik to Google Workspace
- **User deletion action**: determines what authentik will do when a user is deleted from authentik
- **Group deletion action**: determines what authentik will do when a group is deleted from authentik
- Under **User filtering**:
- **Exclude service accounts**: choose whether to include or exclude service accounts
- **Group**: select a group and only users within that group will be synced to Google Workspace
- Under **Attribute mapping**:
- **User Property Mappings**: select any property mappings, or use the default
- **Group Property Mappings**: select any property mappings, or use the default
:::info Skipping certain users or groups
The `SkipObject` exception can be used within a property mapping to prevent specific objects from being synced. Refer to the [Provider property mappings documentation](../property-mappings/index.md#skip-objects-during-synchronization) for more details.
:::
5. Click **Finish**.
## Create a Google Workspace application in authentik
:::info Backchannel Provider
If you have configured the [Google Workspace SAML integration](/integrations/services/google/) to enable authenticating to Google Workspace with authentik, you can add the provider created in the previous section as a backchannel provider to the existing application, instead of creating a new one.
:::
1. Log in to authentik as an administrator and open the authentik Admin interface.
2. Navigate to **Applications** > **Applications**, click **New Application**, and set the following configurations:
- **Name**: provide a name for the application (e.g. `GWS`)
- **Slug**: enter the name that you want to appear in the URL
- **Provider**: when _not_ used in conjunction with the [Google SAML configuration](/integrations/cloud-providers/google), this should be left empty.
- **Backchannel Providers**: this field is required for Google Workspace. Select the name of the Google Workspace provider that you created in the previous section.
- **UI settings**: leave these fields empty for Google Workspace.
3. Click **Create**.
Reference in New Issue View Git Blame Copy Permalink