Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Online Help

    Home FortiCWP 22.2.a Online Help
    22.2.a
    22.2.a
    22.1.0
    21.3.0
    21.2.1
    21.2.0
    21.1.0
    20.3.0
    20.2.0
    20.1.0
    4.4.0
    4.2.0

    Configure Google Workspace Account

    Configure Google Workspace Account

    The Google Workspace account to be added to FortiCWP requires a Super Admin Role or Custom User Role (recommended) assigned.

    It is recommended to create a user within the Google Workspace account that is designated to be added to FortiCWP and assigned it with Custom User Role.

    Follow the configurations below to create a Custom User Role, then assign it to a Google Workspace account user.

    Create Custom User Role

    1. Log into Google Admin Console with your Google Workspace Super Administrator Account. (Only Super Administrator Account can create roles)
    2. From Google Admin navigation menu, go to Account > Admin roles, then click Create new role.

    3. Fill in a name for the role, a short description, and click Continue.

    4. Select the role privileges according to the table below, then click Continue.
      5. Privilege Permission
      Admin console privileges
      Organization Units Read
      Users Read
      Groups
      Domain Settings
      Reports
      Admin API privileges
      Organization Units Read
      Users Read
      Groups Create, Read, Update, Delete
      Billing Management Billing Read
      Domain Management
      Domain Allowlist Management Domain Allowlist Read

    5. Review all the role privileges selected, then click Create Role.

    The custom role can now be assigned to a Google Workspace user that is designated to be added to FortiCWP.

    Assign Custom User Role

    1. Log into Google Admin Console with your Google Workspace Super Administrator Account.
    2. From the Google Admin navigation menu, go to Directory > Users.

    3. Click on the user that will be added to FortiCWP Workload Protection.

    4. Scroll down and click on Admin roles and privileges.

    5. Click on the edit button to reveal all available roles.

    6. Click on the toggle switch button to assign the custom user role created. Make sure Super Admin role is not assigned.

    7. Click Save to finish assigning the custom user role to the user.

    After Google Workspace user configuration is completed, continue with the rest of the configurations.

    Previous
    Next

    Configure Google Workspace Account

    Configure Google Workspace Account

    The Google Workspace account to be added to FortiCWP requires a Super Admin Role or Custom User Role (recommended) assigned.

    It is recommended to create a user within the Google Workspace account that is designated to be added to FortiCWP and assigned it with Custom User Role.

    Follow the configurations below to create a Custom User Role, then assign it to a Google Workspace account user.

    Create Custom User Role

    1. Log into Google Admin Console with your Google Workspace Super Administrator Account. (Only Super Administrator Account can create roles)
    2. From Google Admin navigation menu, go to Account > Admin roles, then click Create new role.

    3. Fill in a name for the role, a short description, and click Continue.

    4. Select the role privileges according to the table below, then click Continue.
      5. Privilege Permission
      Admin console privileges
      Organization Units Read
      Users Read
      Groups
      Domain Settings
      Reports
      Admin API privileges
      Organization Units Read
      Users Read
      Groups Create, Read, Update, Delete
      Billing Management Billing Read
      Domain Management
      Domain Allowlist Management Domain Allowlist Read

    5. Review all the role privileges selected, then click Create Role.

    The custom role can now be assigned to a Google Workspace user that is designated to be added to FortiCWP.

    Assign Custom User Role

    1. Log into Google Admin Console with your Google Workspace Super Administrator Account.
    2. From the Google Admin navigation menu, go to Directory > Users.

    3. Click on the user that will be added to FortiCWP Workload Protection.

    4. Scroll down and click on Admin roles and privileges.

    5. Click on the edit button to reveal all available roles.

    6. Click on the toggle switch button to assign the custom user role created. Make sure Super Admin role is not assigned.

    7. Click Save to finish assigning the custom user role to the user.

    After Google Workspace user configuration is completed, continue with the rest of the configurations.

    Previous
    Next