- Join Now
SSO - Google
How to set up Google SSO
Step 1: Access your Admin app
Select your Google Apps and locate the Admin App
Step 2: Select Apps
Select the Apps icon
Step 3: Select SAML apps
Select the SAML Apps icon
Step 4: Select Add a service/App to your domain
You will need to add a new service
Step 5: Select My Own Custom App
An Igloo App will not exist, as result, you will need to select the option to create your own custom App
Step 6: Copy the following idP information
Copy the SSO URL, and download the Certificate. These will be used when setting up the Igloo side of SSO
Step 7: Provide an Application Name
An application name is mandatory, and will determine how the app will appear in your list of applications. You can further add a description and image.
Step 8: Configure the service provider details
The ACS URL and Entity ID will both be your digital workplace URL with /saml.digest appended to it. The Start URL will be your workplace URL. Leave signed response unchecked, and ensure that the Name ID is set to Primary Email.
Step 9: Add new mappings
Select Add New Mapping
Step 10: Attribute Mapping
Add the following mappings:
- FName - Basic Information - First Name
- LName - Basic Information - Last Name
- Email - Basic Information - Primary Email
Step 11: Turn your new SAML configuration on
Select the vertical ellipses associated with your new SAML App and turn it ON
- The next series of steps take place back in your workplace
Step 12: Access your sign in settings
From your Control Panel, select Sign in Settings located underneath the Membership heading.
Step 13: Select configure SAML Authentication
At the bottom of the Sign in Settings options, there is a link Configure SAML Authentication, select it.
Step 14: General configuration
Copy the SSO URL from Step 6 into the field IdP Login URL. Then copy the X.509 Certificate from Step 6 to the Public Certificate field of the General Configuration. You will need to open up the file you downloaded used a text editor.
Step 15: Response and Authentication Configuration
Ensure that your settings for this section matches those in the image below. The attribute statements are:
- Email /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[ =Email]/saml:AttributeValue
- First Name /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[ =FName]/saml:AttributeValue
- Last Name /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[
Step 16: Other settings
Ensure that your remaining settings match those below. Select Save to apply all your changes. For more details on those settings, see the general SSO setup documentation.
Viewed 1,788 times