Multi-domain Google Apps SSO & 2FA with WordPress & CRM Bitrix24
My case is:
We use three free Google Apps with different domain names
We want to close GAPS services by IP and make all users to connect only from office or VPN
We must have 2FA with SMS or authenticator
We don’t have any central directory like LDAP or AD
We should provide access to gmail from mobile devices from any IP if it’s possible
We should have a possibility to add our web-based CRM Bitrix24 to SSO
Will be great to use some kind of desktop app to authenticate through
In a future add to SSO all our WordPress sites
Is it clear? I’ve just started to search solutions and not all requests from my manager are clear for me as well. 🙂
Thank you sending us details for your use case. Please check my answers below :
1. We use three free Google Apps with different domain names
We support single sign on with Google Apps.
2. We want to close GAPS services by IP and make all users to connect only from office or VPN
With our Risk Based Access policies you can specify range of IP address for which you want to restrict access.
3. We must have 2FA with SMS or authenticator
Do you want 2FA for everyone or only if users try to access GAPS from outside the office ?
4. We don’t have any central directory like LDAP or AD
That won’t be required.
5. We should provide access to gmail from mobile devices from any IP if it’s possible
Yes. We can add support for that.
6. We should have a possibility to add our web-based CRM Bitrix24 to SSO
We can add Bitrix24 and any other app which supports SSO standards.
7. Will be great to use some kind of desktop app to authenticate through
Google apps works on browser. Can you send me more details why you want desktop based app for authentication?
8. In a future add to SSO all our WordPress sites
We can easily add WordPress sites.
Please send me answers to our queries.
Thank you for such detailed answer.
How can we try your product without disrupting a production environment?
Do you have same users in all 3 google apps account? To try it you can either use test google apps account.
No, my users are different in all 3 GAPPS. I will check if it’s possible to organize test GAPPS to try.
I have found our old GAPPS with 3 domains attached. One problem is all these domains are not in my control now, I mean that we lost these domain names because stopped to use them more than a year ago. I can return only one of them because it’s free now.
I can use this GAPPS for my tests.
What is a procedure to start SSO testing?
You can sign up with us for free trial account with this link.
After that you can refer guide below to set it up
Thank you for the quick answer.
I will start testing.
If I have any issues I will ask you for assistance.
You must be logged in to reply to this topic.