> ## Documentation Index
> Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Quick Reference

> Concise summary of prerequisites and high-level steps for the integration.

This section offers a quick reference to key prerequisites and high-level implementation steps. For basic testing procedures for the integration, see [Test OpenSSL Provider](/Integrations/CryptoHub/Data_protection/OpenSSL_Provider/Post-integration_tasks/Test_OpenSSL_Provider).

## Pre-implementation

Ensure your environment complies with the following requirements:

* Grant CryptoHub admin privileges
* Grant admin privileges
* Grant Google Workspace Super Admin privileges
* Acquire Google Workspace Enterprise Plus or Education Plus
* Configure the CryptoHub **Dashboard** connection with a TLS certificate issued by a publicly trusted Certificate Authority
* Access requirements verified for admins, users, and external collaborators

## Implementation

Perform the following high-level steps to implement this integration:

* Set up the chosen IdP and attain the necessary information:
  -**VirtuCrypt**(pre-configured for CryptoHub integration)
  \[`Possibly add more info here about Futurex configuring this for the user`**]**
  * **Google IdP**(detailed in

**Google IdP integration**)
-**Okta**(detailed in

**Okta integration**)

* **Any 3rd-party IdP** that supports the OpenID Connect (OIDC) standard (

[**openid.net/connect/**](https://openid.net/connect/)). General integration principles found with the three previous IdPs should apply to most third-party IdPs

* If using an IdP other than**VirtuCrypt**, attain the following information:
  * OpenID Connect Discovery URL
  * OpenID Connect Client ID
  * OpenID Connect PKI
* Set up the external key service (CryptoHub)
  * Deploy Google CSE as a service:
    * Set rotation period for Personal Keys
    * Enter Email Domain
    * Configure Issuance Policy
    * Enter KACLS URL
    * Select Provider Type and enter the necessary information depending on the provider type selected
    * Select Google Cloud Service Credentials
  * Modify **Issuance Policy** and **Service Account Info** if needed
* Configure the KACLS in the Google Admin console to connect Google Workspace to the external key service
* Connect Google Workspace to the IdP by either uploading a `.well-known` file or using the Google Workspace admin console
* Implement IAM by turning CSE on or off for groups and users as needed

## Post-implementation

After you complete the integration, perform the following tasks to validate it:

* Validate that Google Workspace can successfully connect to the external key service (such as CryptoHub)
* Validate that Google Workspace can successfully connect to the configured IdP
* Test the creation of a blank, encrypted Google Doc
* Test encrypting and uploading a file to Google Drive
* Test sharing an encrypted Google Doc
