From 0d60216b8b123dbbb3be0d51ca9abfe535bb89c7 Mon Sep 17 00:00:00 2001
From: Omry Hay <46656490+omry-hay@users.noreply.github.com>
Date: Mon, 8 Nov 2021 09:10:12 +0200
Subject: [PATCH 1/2] Update authentication-options.md

Lately I had to configure our Redash to enable SAML using Google  Workspaces.
Since there is no actual documentation on this I took me quite a while to understand what should I do, so I've added the documentation for it.
---
 .../users/authentication-options.md           | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/src/pages/kb/user-guide/users/authentication-options.md b/src/pages/kb/user-guide/users/authentication-options.md
index 4041d23c2..4e0e6b1f8 100644
--- a/src/pages/kb/user-guide/users/authentication-options.md
+++ b/src/pages/kb/user-guide/users/authentication-options.md
@@ -134,3 +134,30 @@ Within Redash, use the following config:
 
 These changes were drawn from our
 [user forum](https://discuss.redash.io/t/auth0-integration/586/5).
+
+### How to Configure Google Workspace on Self Hosted Redash
+
+***This was tested on Redash version 10.0.0 (9c928bd1)
+
+1. In the Google workspace admin console go to `Apps` > `Web and mobile apps`
+2. Add a Custom SAML app.
+3. Add an App Name and, an icon and click on the Continue.
+4. Copy the `SSO URL` the `Entity ID` and the `Certificate` (***Make sure you copy only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***)
+5. Click continue.
+6. In the `ACS URL` enter `https://<Your Self-Hosted Domain>/saml/callback?org_slug=default`
+7. In the `Entity Id` enter `https://<Your Self-Hosted Domain>/saml/callback?org_slug=default`
+8. Change the `Name ID format` to be `Email` and the `Name ID` to be `Basic Information > Primary email` and click on the continue
+9. Add Mapping Attribute:
+| Google Directory attributes    | App attributes |
+| -------------------------------| -------------- |
+| Baisc Information > First Name | FirstName      |
+| Baisc Information > Last Name  | LastName       |
+
+11. Click on Finish.
+12. Under the application `User access` enable the app for the users / group you would like to have access to your Redash.
+13. In Redash go to the `Settings` and click on the `General` tab.
+14. Under in the `SAML Enabled` radio button select `Enabled (Static)`
+15. In the `SAML Single Sign-on URL` textbox enter the `SSO URL` you copied from Google
+16. In the `SAML Entity ID` textbox enter the `Entity ID` you copied from Google
+17. In the `SAML x509 cert` textbox enter the `Certificate` you copied from Google (***Make sure you enter only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***)
+18. Click on the Save button.

From 3024e9d60f2ba0b86ed587161eae50c4582c5e39 Mon Sep 17 00:00:00 2001
From: Omry Hay <46656490+omry-hay@users.noreply.github.com>
Date: Mon, 8 Nov 2021 09:14:47 +0200
Subject: [PATCH 2/2] Update authentication-options.md

---
 .../users/authentication-options.md           | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/pages/kb/user-guide/users/authentication-options.md b/src/pages/kb/user-guide/users/authentication-options.md
index 4e0e6b1f8..b04e9dc2e 100644
--- a/src/pages/kb/user-guide/users/authentication-options.md
+++ b/src/pages/kb/user-guide/users/authentication-options.md
@@ -137,7 +137,7 @@ These changes were drawn from our
 
 ### How to Configure Google Workspace on Self Hosted Redash
 
-***This was tested on Redash version 10.0.0 (9c928bd1)
+***This was tested on Redash version 10.0.0 (9c928bd1)***
 
 1. In the Google workspace admin console go to `Apps` > `Web and mobile apps`
 2. Add a Custom SAML app.
@@ -148,16 +148,17 @@ These changes were drawn from our
 7. In the `Entity Id` enter `https://<Your Self-Hosted Domain>/saml/callback?org_slug=default`
 8. Change the `Name ID format` to be `Email` and the `Name ID` to be `Basic Information > Primary email` and click on the continue
 9. Add Mapping Attribute:
+
 | Google Directory attributes    | App attributes |
 | -------------------------------| -------------- |
 | Baisc Information > First Name | FirstName      |
 | Baisc Information > Last Name  | LastName       |
 
-11. Click on Finish.
-12. Under the application `User access` enable the app for the users / group you would like to have access to your Redash.
-13. In Redash go to the `Settings` and click on the `General` tab.
-14. Under in the `SAML Enabled` radio button select `Enabled (Static)`
-15. In the `SAML Single Sign-on URL` textbox enter the `SSO URL` you copied from Google
-16. In the `SAML Entity ID` textbox enter the `Entity ID` you copied from Google
-17. In the `SAML x509 cert` textbox enter the `Certificate` you copied from Google (***Make sure you enter only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***)
-18. Click on the Save button.
+10. Click on Finish.
+11. Under the application `User access` enable the app for the users / group you would like to have access to your Redash.
+12. In Redash go to the `Settings` and click on the `General` tab.
+13. Under in the `SAML Enabled` radio button select `Enabled (Static)`
+14. In the `SAML Single Sign-on URL` textbox enter the `SSO URL` you copied from Google
+15. In the `SAML Entity ID` textbox enter the `Entity ID` you copied from Google
+16. In the `SAML x509 cert` textbox enter the `Certificate` you copied from Google (***Make sure you enter only the certificate content without the `-----BEGIN CERTIFICATE-----` and the ` -----END CERTIFICATE-----` sections***)
+17. Click on the Save button.