1. AWS Simpplr
  2. Integrations and APIs
  3. SSO Integrations

Google SAML SSO Configuration with Simpplr

Avatar
Matthew Rawls
Follow

Follow the steps below to set up your Google SSO with Simpplr. 

Note:

You must be a Google Admin user for your org's Google Workspace, as well as a Simpplr application manager in order to enable to connection.

 

Creating a Google SSO SAML Web App

  1. Log in to your org's Google Workspace using a Google Admin account (of the workspace that has to be integrated) on this page: https://admin.google.com/.
  2. From the Admin Console, on left navigation menu, Navigate to Apps > Web and mobile apps.
    AWS_Google_SSO_1.gif
  3. Click on Add app > Add custom SAML app.
    AWS_Google_SSO_2.gif
  4. Enter the App name (required) and Description (optional). We recommend using something easy to remember like SimpplrSAML. Then click Continue.
  5. Copy the SSO URL and Entity ID, then download the Certificate. Paste these items somewhere you can access later on. You'll need them when connecting the app to Simpplr. Click Continue.
    Google SSO 1.png

Enable Google SSO within Simpplr

From Simpplr, as the application manager:

  1. Go to Manage > Application > Security > External IdP (SSO).
  2. Choose Add > Google.
    Google SSO 3.png
  3. Authentication protocol: Choose SAML
  4. Name: Name the SSO. This will be there to identify the connection for app managers.
  5. Sign in text: Optionally, enter a custom sign in text for your users. By default, this will read "Sign in with Google."
  6. Login URL: Input the login URL of your org's Google instance.
  7. Identity Provider (IdP) entity ID: Paste the Identity Provider (IdP) entity ID created above into the appropriate field.
  8. Certificate: Upload the certificate file. 
  9. Single Logout (SLO): Choose to allow Single Logout (SLO). With this enabled, users will be logged out of all applications tied to the SSO when they log out of the intranet.
  10. Login identifier: Choose the appropriate login identifier for your users. Note with Google, only Email address can be chosen.
  11. Enable SSO provisioning: Finally, choose whether to provision new users with just-in-time (JIT) provisioning upon successful first time SSO login. Click Save.
    Google SSO 2.pngGoogle SSO new 5.png
  12. Click Add. The setup is now complete, and you will be given the applicable details needed to input in your Google instance.
    Google SSO new 6.png

 

Back in Google:

  1. Enter the ACS URL - Copy the ‘ACS URL’ received from configuration details in Simpplr and paste it in the ACS URL field in Google SAML app.
  2. Enter the Entity ID - Copy the ‘Service Provider entity ID’ received from configuration details in Simpplr and paste it in the Entity ID field in the Google SAML app.
  3. Optionally, enter the Start URL - copy the ‘Relay state’ received from configuration details in Simpplr and paste it in the Start URL field in Google SAML app.
  4. Check the Signed response checkbox.
    Google sso new 7.png

  5. For the Name ID options, choose:

    Name ID format: EMAIL

    Name ID: Basic Information > Primary email


    AWS_Google_SSO_5.png

  6. Click Continue.

  7. On the next screen, for Attribute mapping - Enter the following mapping:

    AWS_Google_SSO_7.png

  8. Note attribute mapping is case sensitive. 

  9. Click SAVE.

  10. Once the app is ready, click on the User access block, select ON for everyone, then click SAVE.
    AWS_Google_SSO_8.gif

  11. The SAML App setup is complete.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Articles in this section