Skip to main content

1 Message

 • 

72 Points

Tue, Oct 9, 2018 4:33 PM

Answered

cloudpath slip users with google byon


How can I separate the users that log in via google in cloudpath, if I want to identify them from the employees and the guests, they all enter with google.

Responses

5 Messages

 • 

200 Points

2 years ago

depending on how your users are being managed in Google, you can perform a split based on the email address.  if you have google hosting your email domain, you can do a google login step, then create a step that calls a split based on the received email address. "@mycompany.com" splits to a workflow where you provide a certificate, "@gmail.com" splits to a guest workflow. 

make sure to inform your employees to use their work email address to login, not their personal or @gmail.com address. there isn't really a way to differentiate within the same email domain if they are using personal email addresses, although you could also email them a voucher prior to performing the onboarding (assuming you have a list of employee email addresses) and then require the voucher as a step in the employee split.

22 Messages

 • 

582 Points

2 years ago

In addition to what Dave mentioned, if you are using Gsuite and/or have gmail domain, starting Cloudpath 5.4 (ETA in Dec) you can look at group membership and distinguish the users over SAML auth.

17 Messages

 • 

236 Points

Is Okta supported as an iDP via SAML auth?