Adding G-Suite to Passly

Passly can support most Identity Provider (IdP) Init web applications that support SAML 2.0. Out of the box, Passly ships with support for G suite, formerly known as Google Apps.

First, we are going to enable and configure the app in SSO.

  1. Log into your Passly tenant as an administrator, and browse to SSO Manager
  2. Select the Add application icon in the bottom right corner.
    In the list, search for "Google" and you will see the application named "Google Apps".

clip2.jpg

Note: The application may be named Google Apps in the catalog and can simply be renamed once added.

  1. Check the box to Enable the application and select the Protocol Setup tab.
  2. Edit the "Assertion Consumer Service URL" to reflect your G-Suite domain - https://www.google.com/a/YourGoogleDomain.com/acs
  3. Edit the "Service Entity ID (issuer)" field to simply be "Google.com" as seen below
  4. Advanced Settings, Set Signing algorithm to SHA-256 and Fixed relay state to your G-Suite domain - https://www.google.com/a/YourGoogleDomain.com/acs

clip0.jpg

 

Note: Replace "YourGoogleDomain.com" with your Google Apps Domain.

  1. Select the "Add Application" link at the bottom right.
  2. Once added to your list, select once more for further configuration.
  3. Select the "Permissions" tab and add groups that will have permissions to access this application.
  4. Select the "Signing and Encryption" tab
    Download a copy of the certificate for your tenant. This certificate file will be imported into the G-Suite application itself.

Configuring Google Apps

Note: the following steps for configuring G-Suite can also be found here

  1. Sign in to the Google Admin console. 
  2. Click Security > Advanced settingsWhere is it? 
  3. Check the Setup SSO with the third-party identity provider box.
  4. Enter the following URLs to your Passly tenant as outlined below:

    Sign-in URL: https://(your tenant).my.passly.com/trust/Launch

    Sign-out URL: https://(your tenant).my.passly.com/apps

g-suite-G-SSO.jpg

  1. Upload the certificate that you downloaded from your tenant using the Choose file and Upload links in the Verification Certificate area.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us