Google Workspace - IDP Client - Google Authenticator

Question

Hello good afternoon community, I hope you are very well.

I have a question, regarding the use of MFA or a two-factor authentication for users with the following case:

Users with IDP mode installed - Provisioning users to Tenant with Azure-AD . SAML Proxy for IDP - Google Worskpace.

Now if a customer wants or needs that apart from the enrollment via IDP, in this case Google Workspace, reauth must be applied at Private Access level so that every so often it performs the reauth.

Now thinking if the customer wants that when this reauth occurs, in addition to validate the Google Workspace credentials, use Google Authenticator, this configuration is not specific to Netskope, but in this case the Google Workspace itself? Is this correct?

Thank you very much community for your time, advice and collaboration.

Best regards

Page 1 / 1

Hello @MetgatzNK,

Netskope only controls the interval and which identity provider is used. The enforcement of MFA settings (caching, factors, etc) is controller by the identity provider. In regards to “this configuration is not specific to Netskope, but in this case the Google Workspace itself” that is correct but depending on the IDP, you may be able to apply specific controls and requirements such as stronger MFA requirements or forcing password authentication every time.

Reply

sshiflett · Accepted Answer

Hello @MetgatzNK,Netskope only controls the interval and which identity provider is used. The enforcement of MFA settings (caching, factors, etc) is controller by the identity provider. In regards to “this configuration is not specific to Netskope, but in this case the Google Workspace itself” that is correct but depending on the IDP, you may be able to apply specific controls and requirements such as stronger MFA requirements or forcing password authentication every time.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded