G Suite SSO

Overview

Panther supports integrating with G Suite (now named Google Workspace) as a SAML provider to enable logging in to the Panther Console via SSO.

For more information on features, terminology, and limitations of SSO integrations with the Panther Console, see Identity & Access Integrations.

How to configure SAML SSO to the Panther Console with G Suite

Obtain the G Suite SSO parameters from Panther

1. Log in to the Panther Console.

2. Click the gear icon in the upper right. In the dropdown menu, click General.

3. Click the Identity & Access tab.

Keep this browser window open, as you will need the Audience and ACS URL values in the next steps.

Create the G Suite App

Follow the GSuite guide for SAML-based SSO to add a custom SAML app.

Make the following modifications to create the SAML app for Panther:

• On the Attribute mapping page, configure the following attribute mappings:

  • First Name: PantherFirstName

  • Last Name: PantherLastName

Enable the SAML app in Google Workspace

Follow Google's documentation to turn on the SAML app.

Configure SAML in Panther

1. Navigate back to the SAML configuration you started earlier in this documentation.

2. Next to Enable SAML, set the toggle to ON.

3. In the Default Role field, choose the Panther role that your new users will be assigned by default when they first log in via SSO.

4. Below the Identity Provider URL field, click click here to upload the metadata file you downloaded from Google while configuring the SAML app.

5. Click Save Changes.

To test your setup, go to your Panther sign-in page and click Login with SSO.