Validate and test the integration

this section covers the following tasks validate that google workspace can successfully connect to the external key service (such as the kmes series 3) validate that google workspace can successfully connect to the configured identity provider (idp) test the creation of a blank encrypted google doc test encrypting and uploading a file to google drive view personal keys in the kmes series 3 application interface test sharing an encrypted google doc validate the connection to {{k}} perform the following steps to validate a successful connection from google workspace to the {{k3}} sign in ( admin google com/ ) to your google admin console ( support google com/a/answer/182076) by using an account with super administrator privileges ( support google com/a/answer/2405986#super admin ) in the main menu, select security > access and data control > client side encryption select \[ test connection ] if google workspace can connect to the {{k3}} , a green checkmark and the your external key service is active message display validate the connection to idp perform the following steps to validate a successful connection from google workspace to the configured idp sign in ( admin google com/ ) to your google admin console ( support google com/a/answer/182076 ) by using an account with super administrator privileges ( support google com/a/answer/2405986#super admin ) in the main menu, select security > access and data control > client side encryption select the identity provider configuration card to open it select \[ test connection ] if google workspace can connect to your idp, the connection success message displays test creating a google doc perform the following steps to test the creation of a blank encrypted google doc sign in to google drive ( drive google com/ ) with your client side encryption (cse) user select \[ new ] , then select google docs > blank encrypted document a message warns you that some features, such as full text search and file preview, will be unavailable and that only certain people can access encrypted files due to admin settings select \[ create ] if this is your first encryption operation with google workspace cse, a message displays at the top of the page prompting you to sign in with your identity provider select \[ sign in ] , which redirects you to your idp website to sign in after signing in and allowing your idp access to your google account, the system returns you to the google doc, which is now encrypted a confirmation message displays if encryption is successful then, you can edit and save the document per the normal process test uploading a file perform the following steps to test encrypting and uploading a file to google drive sign in to google drive with your cse user select \[ new ] , then select file upload > encrypt and upload file a message warns you that some features, such as full text search and file preview, will be unavailable and that only certain people can access encrypted files due to admin settings select \[ select file ] if this is the first encryption operation you attempt with google workspace cse, the system prompts you to sign in with your idp after that, select \[ sign in ] , redirecting you to your idp website to sign in after signing in and allowing your idp access to your google account, the system redirects you to google drive, and the encrypted file upload commences uploads display in the bottom right corner of the page, and after the upload completes, you see a green checkmark and an updated status message view personal keys as this guide mentioned earlier, the first time a google cse user creates an encrypted document or encrypts and uploads a file to google drive, the {{k}} generates a new p ersonal key group and p ersonal key for that user all cse operations performed by that user in google workspace then use that personal key until an automatic key rotation occurs and a new personal key becomes active cse users can view their personal keys by logging in to the application interface and navigating to the key management > personal keys menu in addition to the ability of individual cse users to view their personal keys in the {{k3}} application interface, users with the personal keys managed permission can manage the personal keys of all cse users on the {{k}} test sharing a doc perform the following steps to test sharing an encrypted google doc sign in to google drive with your cse user right click the encrypted document to share and select \[ share ] , or, if you have the document open, you can select the \[ share ] button in the upper right corner of the page in the share with people and groups window, add the people and groups with whom to share the encrypted document and select \[ done ] share encrypted documents only with other google cse users that your company administrator provided with an account on the {{k3}} users who do not have a user configured on the {{k}} cannot decrypt, view, or edit files you share users you shared the encrypted file with receive an email that notifies them about the shared document after the user selects \[ open ] in the email they received, their browser redirects to sign in to google after signing in to google (with the same email configured for their user on the {{k}} ), the system redirects the user to the shared google doc after a few seconds, a message displays at the top of the page, prompting users to sign in with their idp selecting \[ sign in ] redirects them to their idp website to sign in after signing in and allowing your idp access to their google account, the system redirects them to the google doc, which is now encrypted a confirmation message displays if encryption is successful then, the recipient can edit and save the document normally