Configuring Google Settings on TMWS

Procedure

1. Log on to the TMWS management console, and go to Administration → USERS & AUTHENTICATION → Directory Services.
2. Click here on the upper area of the screen.
3. On the Authentication Method screen that appears, click Google.
4. Click On or Off to decide whether to allow the Google Workspace users of your organization to visit websites through TMWS if their data is not synchronized to TMWS.

   Note Users not synchronized from Google Workspace can be authenticated only through known TMWS gateways or the dedicated port for your organization.

5. Configure Identity Provider Settings as follows:

   Service URL	SSO URL on the Google Admin console
   Public SSL certificate	Certificate downloaded from the Google Admin console After the certificate is uploaded, TMWS shows the SHA-256 fingerprint of the certificate on the screen. To confirm the validity of the certificate, view the fingerprint associated with the certificate on the Google Admin console.

6. Configure Synchronization Settings as follows:

   Service account key file	Private key file for the service account created on the Google Cloud Platform console and downloaded to your computer After the file is uploaded, TMWS shows the private key ID on the screen. To confirm the validity of the key, view the key associated with the service account on the Google Cloud Platform console.
   Google Workspace super admin account	Google Workspace super admin account used to configure SSO and synchronization settings in Google
   Synchronization schedule	Select to synchronize with Google Directory manually or according to a schedule If you choose Manually, whenever there are changes to Google directory user information, remember to go back to the Directory Services screen and perform manual synchronization so that information in TMWS remains current. Note If you choose a schedule, the time to start automatic synchronization depends on the finish time of last synchronization. For example, for a daily schedule, the next synchronization would take place about 24 hours after the last synchronization is completed.

7. Click Test Connection to check whether the Google directory service can be connected successfully.
8. Click Save.