- 14 Jun 2024
- 2 読む分
- 印刷する
- PDF
End User Experience on Android Devices
- 更新日 14 Jun 2024
- 2 読む分
- 印刷する
- PDF
Once SSO configuration is created, users can sign in to the application when authenticated. The document describes how Scalefusion authenticates any user using SSO Configuration when they try to sign in to Gmail on Android devices.
Pre-requisites
- SSO Configuration is created on Scalefusion Dashboard
- Users have been assigned with SSO Configuration
- Authenticator app is available on managed device.
Case 1: Device managed by Scalefusion
Let us assume in the SSO Configuration, the Conditional Access > Device Policy is configured to allow access of application only if Device is managed by Scalefusion
Prerequisite
- Device should be enrolled with Scalefusion with Authenticator app available on it.
Steps
- Click on Gmail app on the managed Android device locked with Scalefusion.
- Click on Add an email address
- Next, select Google under Set up email
- On the next screen, enter your work email (the user's email to which you have assigned the application in SSO Configuration) and click Next
- You will be redirected to OneIdP sign in page. Enter your email id and password and click on Sign In.
- Wait for few seconds till OneIdP authenticates to complete the sign in
- Next, you will get the Google Terms of Service screen. Here, click on I agree
- You need to set your PIN on the Android device
- Once authentication takes place, you will be signed in to Gmail
This is how Scalefusion authenticates and allows the user to sign in to the application configured in SSO Configuration. Notice, if you have any other Google Workspace applications enabled on the device, you will be signed in on those apps as well.
Case 2: Device is Unmanaged (not enrolled with Scalefusion)
Here, you can sign in to the application on an unmanaged device with an OTP. Let us assume in the SSO Configuration, the Conditional Access > Device Policy is configured to allow access of application If the device is managed by Scalefusion or an OTP using OneIdP Authenticator app from a managed device.
Prerequisite
- One another device enrolled with Scalefusion having SSO Configuration, should be available.
Steps
Following steps are to be performed on an unmanaged Android device:
- Open Chrome browser and type www.gmail.com in the address bar
- On the Sign in screen, enter your email (the user's email to which you have assigned the application in SSO Configuration). Click Next
- You will be redirected to OneIdP sign in page. Enter your email id and password and click on Sign In.
- On the next screen you will be asked to enter the OTP generated on Authenticator app. At this point, go the device enrolled with Scalefusion, click on Authenticator app to open it.
- The OTP that is shown inside Authenticator app needs to be entered here on your unmanaged device. Enter OTP and click on Log in
- Once authentication takes place, you will be signed in to Gmail