Get Started: 探花大神 Go鈩�

Help Center Home > 探花大神 Go > Get Started: 探花大神 Go鈩�

Get Started: 探花大神 Go鈩�

探花大神 Go鈩� provides the most secure and convenient way for users to access their 探花大神-protected resources the moment they unlock their managed device. After initial registration with their password, users verify their identity seamlessly during device login, unlock, or in the browser using device authenticators with biometrics (Apple Touch ID and Windows Hello). 探花大神 Go improves security for organizations by simplifying the user login flow, reducing authentication fatigue, and minimizing password use. 探花大神 Go authentication also satisfies any User Portal MFA requirements.

Important:

Users must first register 探花大神 Go on their device using their credentials before passwordless verification becomes available.
For details on user registration and verification workflows, see Use 探花大神 Go. For troubleshooting, see Troubleshoot: 探花大神 Go.
This article covers 探花大神 Go for desktops. To use 探花大神 Go on Apple and Android mobile devices, see Get Started: Mobile Device Trust.

Features:

Phishing-resistant: After registering their device, users don't enter their credentials in a browser session. Instead, users verify their identity using either their local device password or biometric device authenticator.
Device-bound and hardware-protected: 探花大神 Go leverages device authenticators and hardware secure stores to protect and secure user credentials.
Passwordless: Faster, safer, and simpler user verification saves time for users and admins.

Prerequisites:

探花大神 Go supports the following device types that meet these hardware requirements:
- macOS devices with a .
- Windows devices with a .
- Linux devices (GNOME-based distros) with a Trusted Platform Module (TPM) 2.0.
The 探花大神 agent has to be installed and running on macOS, Windows, and Linux devices. See Install the 探花大神 Agent.
The 探花大神 Go browser extension has to be installed on a supported web browser:
- Chromium-based browsers (Google Chrome, Microsoft Edge, and Brave only) with the .
- Firefox with the .
- If the browser extension isn't installed, see Installing Browser Extensions Manually.

Considerations:

Users need to work from their 探花大神-managed device and be logged in to their managed device account. 探花大神 Go doesn't support local device accounts.
Biometrics are only supported on macOS and Windows devices. Users need to configure biometrics on their device to use them with 探花大神 Go:
- For macOS devices, see Apple鈥檚 .
- For Windows devices, see Microsoft鈥檚 .
For Linux devices:
- Self-contained browsers installed using Snap or Flatpack aren't supported. Only browsers installed using standalone methods are supported.
- After enabling 探花大神 Go, users on CentOS 7/RHEL 7 devices need to log out and log back in.
The 探花大神 agent will install 探花大神 Go components regardless of whether the setting is enabled or disabled in the Admin Portal. See Agent Compatibility, System Requirements, and Impacts.

Understanding Authentication Factors

When you enable 探花大神 Go, it serves as an MFA factor for User Portal and SSO authentication. End users confirm their identity using their device authenticator. See MFA for Admins.

Tip:

探花大神 Go serves as an MFA factor when accessing SSO apps in addition to the User Portal.

If you also enable MFA for User Portal authentication, 探花大神 Go uses 3 authentication factors to confirm a user鈥檚 identity during registration. For subsequent verifications, users can manually configure biometrics on their device for 探花大神 Go. 探花大神 Go also provides two factor authentication when biometrics aren鈥檛 configured, but uses alternative factors (local device password):

探花大神 Go Authentication Factors

Factor Type	Registration without MFA	Registration with MFA	Verification with biometrics	Verification without biometrics
Something you have (managed device)	鉁�	鉁�	鉁�	鉁�
Something you are (biometrics)	鉂�	鉁�	鉁�	鉂�
Something you know (password)	鉁�	鉁�	鉂�	鉁�

Installing the 探花大神 Go Browser Extension

The 探花大神 Go browser extension is required to use 探花大神 Go. You can install it on your devices in the following ways:

Chrome only: Deploy the browser extension to multiple devices using a 探花大神 policy or Google鈥檚 Chrome Browser Cloud Management (CBCM).
All browsers: Users can manually install the browser extension on their device.
- For Chrome, Edge, or other Chromium-based browsers, see Use 探花大神 Go - Installing the Browser Extension.
- For the Firefox browser, see Use 探花大神 Go - Firefox Extension.

Chrome: Using 探花大神 Policy to Deploy the Extension

If your organization is not using Google Workspace and CBCM, you can deploy the browser extension to macOS and Windows devices using a 探花大神 policy. For instructions on using a policy to deploy the browser extension, see Create a Mac or Windows Chrome Force-Installed Extension List Policy.

Chrome: Using CBCM to Deploy the Extension

If your organization is already using Google Workspace, you can deploy the 探花大神 Browser Extension with CBCM. See .

To install the 探花大神 Go Browser Extension via CBCM:

Go to the and log in as a Google Administrator.
Go to Devices > Chrome > Apps & Extensions > Users & browsers.
Click ( + ) at the bottom of the screen, then select the Chrome icon to add a new extension from the Chrome Web Store.
Search for the 探花大神 Go Browser Extension and click Select to add it.
Click 探花大神 Go Browser Extension in the list to expand the menu, and in the right aside under Installation Policy, select Force Install.
- Selecting Force Install in the Google Admin Portal will force the browser extension to install on managed Chrome browsers. See .

Tip:

You can use 探花大神 Browser Patch Management to enroll your devices in Google Chrome Browser Cloud Management and enforce the managed browser extensions. See Chrome Browser Cloud Management Settings.

Enabling 探花大神 Go

After adding the 探花大神 Go browser extension to your browsers on your devices, enable the feature in the Admin Portal.

Note:

探花大神 Go is enabled for new organizations by default. If it is not enabled in your org, see the following steps to enable it in the Admin Portal.
Enabling 探花大神 Go in Features will automatically enable it as an MFA factor in SECURITY MANAGEMENT > MFA Configuration for your users.

To enable 探花大神 Go for your org:

Log in to the .
Go to Settings > Features > 探花大神 Go.
Click to toggle 探花大神 Go to On.
Click Save.

Using 探花大神 Go for Step-Up MFA

探花大神 Go SSO requests have additional security with user and device verification occurring during every new application session established using Go. Users that authenticate to the User Portal with 探花大神 Go will see the Go loader while accessing their SSO applications.

In addition, 探花大神 Go is the default MFA method for SSO Conditional Access Policies (CAPs). When a user accesses an application protected by a CAP, they'll be prompted to "step up" and verify their identity using 探花大神 Go. See Get Started: Conditional Access Policies.

Disabling 探花大神 Go

To disable 探花大神 Go for your organization:

Log in to the .
Go to Settings > Features > 探花大神 Go.
Click to toggle 探花大神 Go to Off.
Click Save.

Important:

If you disable 探花大神 Go, the 探花大神 Go browser extension is not automatically removed from the associated devices. See the following section for steps to uninstall the browser extension.

Uninstalling the 探花大神 Go Browser Extension

The process to uninstall the 探花大神 Go browser extension varies depending on how it was deployed on your devices.

If users manually installed the extension, they can remove it directly from their browser. See Uninstalling the Browser Extension. Otherwise, see the following section if you deployed the Chrome browser extension to your devices.

Chrome: Using 探花大神 Policy to Remove the Extension

If you used a 探花大神 policy to install the browser extension, you will need to remove the devices from the associated policies created in the Admin Portal. See Create a Mac or Windows Chrome Force-Installed Extension List Policy for steps to remove managed devices from the associated policies.

Chrome: Using CBCM to remove the extension

If you used CBCM to deploy the browser extension, you will need to remove the 探花大神 Go browser extension in the Google Admin Portal, or set the extension to Not Installed. See .

FAQ

Can users still authenticate to 探花大神 with traditional authentication (email and password)?

Yes. A company email and password is required to register 探花大神 Go. Users can still authenticate with traditional methods after 探花大神 Go is enabled.

Can 探花大神 Go be used for device authentication?

No. Only 探花大神 User Portal and SSO app authentication are supported.

Are device biometrics required to use 探花大神 Go?

No. 探花大神 Go works with biometrics when users have configured them on their device. When biometrics aren't configured, 探花大神 Go requires the user鈥檚 local device password for verification.

How do Conditional Access Policies (CAPs) work with 探花大神 Go?

探花大神 Go is supported as an MFA method for conditional access policies protecting the User Portal and SSO apps. See Using 探花大神 Go for Step Up MFA and Get Started: Conditional Access Policies for more information.

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case

探花大神