In this article, you'll learn:
Setting up SSO in Google Workspace is a three-step process.
How to get system provider credentials for the usecure platform
Log into the platform and go to Settings > SSO
Toggle SSO Enabled on
Scroll down to the SAML section and copy the Assertion Consumer Service (ACS) URL and Entity ID. You’ll need these to set up the SAML app in Google Workspace.
How to set up up SAML in Google Workspace
Open Google Admin Console - https://admin.google.com/
Go to Apps > Web and mobile apps
From the top of the table, select Add App > Add custom SAML app
Enter an App name and click Continue
This will take you to the Google Identity Provider Details page. Copy the SSO URL and Certificate. You can also download the certificate if you wish.
Click Continue to go to the Service Provider Details page.
You’ll need to paste the ACS URL and Entity ID values you copied from the platform into the corresponding fields on this form.
Leave Start URL blank
Set Name Id format to EMAIL
Leave Name ID as is
Click Continue to go to the Attributes mappings page. SAML SSO on the platform doesn’t require any additional attributes. Click Finish to create the SAML app.
This will take you to the page for your newly created SAML app. You will need to configure user access for admin user and/or end user to log in using SAML SSO.
Click the User Access panel to configure access.
The simplest option is ON for everyone. This will allow anyone on your Google Workspace to login via SAML SSO as follows:
Admin Console - Must have an admin user account in the platform
End User Portal - Must have an end user account in the platform
You can restrict access by Google Workspace Groups and Organisation Units if you wish. This will prevent admin users and end users outside the groups/units from using SAML SSO to log into the platform.
Please note that the Test SAML Login option on the Google Admin Console will not work with the platform. You’ll need to confirm that SAML SSO is working by logging in via the platform after you’ve finished the set up process.
How to set the Identity Provider Credentials in the usecure platform
Go back to the usecure platform SSO settings page and scroll down to the SAML section.
You’ll need the identity provider details you copied/downloaded during the creation of your Google SAML app.
Paste the Login URL into the SAML Entry Point (Identity Provider SSO URL) field.
Drag & drop the Certificate (Base64) you downloaded into the SAML Signing Certificate (Public x509 Certificate) field. You can also copy & paste the text or manually upload the file if you wish.
Click Save to finish the SAML set up process.
Next steps