Skip to main content
Solved

Google Workspace - IDP Client - Google Authenticator

  • July 30, 2024
  • 1 reply
  • 86 views
MetgatzNK
Netskope Partner
Forum|alt.badge.img+11

Google Workspace - IDP Client - Google Authenticator

Hello good afternoon community, I hope you are very well.

I have a question, regarding the use of MFA or a two-factor authentication for users with the following case:

Users with IDP mode installed - Provisioning users to Tenant with Azure-AD . SAML Proxy for IDP - Google Worskpace.

Now if a customer wants or needs that apart from the enrollment via IDP, in this case Google Workspace, reauth must be applied at Private Access level so that every so often it performs the reauth.

Now thinking if the customer wants that when this reauth occurs, in addition to validate the Google Workspace credentials, use Google Authenticator, this configuration is not specific to Netskope, but in this case the Google Workspace itself? Is this correct?

Thank you very much community for your time, advice and collaboration.

Best regards

Best answer by sshiflett

Hello @MetgatzNK,


Netskope only controls the interval and which identity provider is used.  The enforcement of MFA settings (caching, factors, etc) is controller by the identity provider.  In regards to “this configuration is not specific to Netskope, but in this case the Google Workspace itself” that is correct but depending on the IDP, you may be able to apply specific controls and requirements such as stronger MFA requirements or forcing password authentication every time. 

This topic has been closed for replies.

1 reply

S
Netskope Employee
Forum|alt.badge.img+16
  • sshiflett
  • Netskope Employee
  • 277 replies
  • Answer
  • August 2, 2024

Hello @MetgatzNK,


Netskope only controls the interval and which identity provider is used.  The enforcement of MFA settings (caching, factors, etc) is controller by the identity provider.  In regards to “this configuration is not specific to Netskope, but in this case the Google Workspace itself” that is correct but depending on the IDP, you may be able to apply specific controls and requirements such as stronger MFA requirements or forcing password authentication every time. 

Sam Shiflett | Netskope Solution Architect - North America

Badges Winner

Show all badges

Not finding what you're looking for?

Don't be shy and let us know about your challenge.

Ask your question here!
Terms & ConditionsCookie settingsAccessibility statement