Blog Status Toggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage

Google Workspace

Start configuring SSO/SAML from the Settings page in web app, scroll to the SSO/SAML section and click Use SAML for Single Sign-On. Specify the email domain of your organization, this will be used to direct users to the correct IdP login page when signing in.

SSO/SAML configuration in

In Google Workspace Admin console, navigate to Apps -> Web and mobile apps, click the Add app button and select Add custom SAML app.

Creating new app in Google Workspace

Fill in the App name, Description and optionally the logo, and click Continue:

Filling basic SAML app details in Google workspace

You can use this for the logo: square logo

Copy over the following fields into SSO configuration:

  • SSO URL -> IdP SSO URL / Sign on URL
  • Entity ID -> IdP Entity ID / Issuer
  • Certificate -> IdP Signing Certificate

Once filled, click Continue.

Copying SAML app details from Google Workspace

Now that we have Identity Provider data in, you’ll need to tell Google about as well.

Copy the following from into Google SAML app configuration:

  • SP Entity ID / Audience URL -> Entity ID

Select EMAIL as the Name ID format and click Continue.

Copying SAML app details from

Next, Google offers to map attributes and groups. We don’t support this - yet! - so click Finish:

Skipping attribute mapping in Google Workspace

We’ll enable the app for our users. Click User access and select ON for everyone. Alternatively you can give access to specific users or groups, e.g. Android developers.

Enabling SAML app for users in Google Workspace

Enabling SAML app for users in Google Workspace

Finally, click Configure in

Finalizing SSO/SAML configuration in

SSO/SAML with Google workspace is now enabled for your organization! 🎉