Many organizations use SAML to authenticate users for web services.
Prisma Cloud supports the SAML 2.0 federation protocol to access the Prisma Cloud Console.
When SAML support is enabled, users can log into Console with their federated credentials.
This article provides detailed steps for federating your Prisma Cloud Console with Google G Suite.
The Prisma Cloud/G Suite SAML federation flow works as follows:
Users browse to Prisma Cloud Console.
Their browsers are redirected to the G Suite SAML 2.0 endpoint.
They enter their credentials to authenticate.
Multi-factor authentication can be enforced at this step.
A SAML token is returned to Prisma Cloud Console.
Prisma Cloud Console validates the SAML token’s signature and associates the user to their Prisma Cloud account via user identity mapping or group membership.
Setting up Google G Suite
Prisma Cloud supports SAML integration with Google G Suite.
Log into your G Suite admin console.
button at the bottom to add a new app.
SETUP MY OWN CUSTOM APP
at the bottom of the dialog.
, and download the certificate.
You will need these later for setting up the integration in Prisma Cloud Console.
, such as
, then click
In the Service Provider Details dialog, enter the following details, then click