Configuring SAML for Google Apps
Create a SAML App in Google
From the admin area of your Google Apps account click on Apps.
Click on SAML apps
Click on "Add a service/App to your domain"
Click "Setup My Own Custom App"
Copy URL and Download Certificate
From the Google IdP Information screen do the following:
- Copy the SSO URL to the clipboard.
- Click the Download button next to Certificate to download a PEM file. You will upload this file to ScreenSteps in just moment.
Open a new browser window and go to Single Sign-on section in ScreenSteps
Make sure you open a new browser window as you will need to refer to both the ScreenSteps and Google windows.
Go to the Account Management tab in your ScreenSteps account.
Select Single Sign-On from the side bar
Create an endpoint
Select Create Single Sign-on Endpoint.
- Enter a name for the endpoint.
- Make sure the Mode is set to SAML.
- Paste the URL that you copied from the Google IdP Information browser window.
- Click Create.
Upload the SAML Certificate
Now that you have created a new endpoint you can upload the SAML file that you downloaded previously.
- Click on the Upload new SAML Certificate file button. You will be prompted to select a file. Select the .pem file you downloaded from Google. The file should start with GoogleIDPCertificate-.
- After selecting the file a new authentication group will be created and will appear in the Group menu.
Copy the SAML Consumer URL to the clipboard.
Finish configuring Google
Return to the Google browser window and click the Next button.
Enter ScreenSteps as the Application Name then click "Next"
Enter Service Provider Details
In the Service Provider Details screen do the following:
- Paste the SAML Consumer URL you copied from the ScreenSteps Single Sign-on window into the ACS URL field.
- Enter ScreenSteps-Live for the Entity ID.
- Set the Name ID to Basic information and Primary Email.
- Set the Name ID Format to EMAIL.
- Click Next.
You do not need to add any mappings. Click Finish.
Turn ScreenSteps SAML app on
Before you can test the SAML integration you will need to turn it on in Google Apps. From the settings page click on the menu to turn it on.
Test using the SAML Test URL
Switch back to the ScreenSteps window and copy the SAML Test URL. Paste it into a new browser window to test your Google SAML integration.