Hey community, I’m trying to figure out if I can set up some access restrictions for iOS and macOS device users on using Google Workspace apps based on factors like location or device OS. For instance, we’d like to allow access to apps like Gmail and Drive when employees are on the company premises or using company-managed devices, but block access otherwise. Can I do this through the admin console of Google Workspace, if so, how do I proceed?
Mac login with Google Workspace SSOSolved
Tags
Replies (4)
Hi @sybylla , welcome to the Hexnode community!
Hexnode UEM offers the Hexnode Access feature that enables users to use Single Sign-On and log into their Macs using IdP credentials. Here’s how you do it:
- Login to Hexnode UEM portal.
- Go to Policies, select an existing policy or click on New Policy to create a new one.
- Navigate to macOS > Security > Hexnode Access and click Configure.
- Under Basic Settings,
- Click on the Identity Provider drop-down and select Google Workspace.
- From Configure authentication by drop-down, choose how you want to configure the login authentication by selecting Creating OAuth credentials in Google Cloud or Google Workspace domains added to Hexnode portal.
- On selecting Creating OAuth credentials in Google Cloud, proceed to enter the Client ID and Client secret in the respective fields.
- If you have selected Google Workspace domains added to Hexnode portal choose the Google Workspace domain from Domains.
- Go to Policy Targets and click +Add devices to choose the specific devices for this policy. You can also associate it with device groups, users, user groups, or domains.
- Finally, click on Save to apply the policy.
Keep in mind that if you are choosing Creating OAuth credentials in Google Cloud, the OAuth credentials must be created for the Hexnode Access app in Google Cloud.
Check out our help documentation to learn more about how to fully utilize the capabilities of Hexnode Access.
Thank you for the help!
Is there any way we can configure login authentication by using LDAP certificate?
@luuk , this provision for configuring Google Workspace login authentication via LDAP certificate will be available in the upcoming updates for Hexnode Access. Watch the Release Notes space for further updates!