Hey everyone,
My company has two different Google Workspace domains (company.com and company.com.au) and no central Idp. I’d like to set up federated access to QuickSight, but it looks like I can have only one SSO app.
Does anyone have any suggestions on the best way to handle this for our org?
Deep
November 6, 2023, 6:01pm
2
Hello there,
Please refer to this previous post with similar question, may be it gives you some insight
Hi @rsinghal12 ,
There are 2 possible flows :
Identity Provider Initiated (IdP-initiated) SSO
User logs into the IDP Portal
QuickSight application is configured
User is redirected to QuickSight homepage when clicked .
Service Provider Initiated (SP-initiated) SSO
QuickSight can also be configured for SP-initiated sign-on in the Enterprise edition. This setup enables QuickSight to redirect the user to authenticate with the IdP first before granting access to the QuickSight resources.
If …
Thank you.
Cheers,
Deep
1 Like
I was able to do this by following this tutorial:
Amazon QuickSight is a scalable, serverless, embeddable, machine learning (ML)-powered business intelligence (BI) service built for the cloud that supports identity federation in both Standard and Enterprise editions. Organizations are working...
I also wanted to set up email syncing and ended up writing some code to provision the Principal:Email from Google Workspace to QuickSight. Script is available on my github: https://github.com/patrickhaley/GJG-GAM-Scripts/blob/main/google-apps-scripts/updateGroupMemberAttributes.gs