Configuring SAML for Google Apps
Create a SAML App in Google
From the admin area of your Google Apps account click on Apps.
Click on SAML apps
Click on "Add a service/App to your domain"
Click "Setup My Own Custom App"
Copy URL and Download Certificate
From the Google IdP Information screen do the following:
- Copy the SSO URL to the clipboard.
- Click the Download button next to Certificate to download a PEM file. You will upload this file to ScreenSteps in just moment.
Open a new browser window and go to Single Sign-on section in ScreenSteps
Make sure you open a new browser window as you will need to refer to both the ScreenSteps and Google windows.In
Follow the instructions in the article How do I use Remote Authentication to access my sites or admin area? in order to create a Single Sign-on endpoint. Make sure to select SAML as the mode when creating the endpoint.
Configure the Remote Login URL
- Paste the URL that you copied from the Google IdP Information browser window.
- Click Update.
Upload the SAML Certificate
Now that you have created a new endpoint you can upload the SAML file that you downloaded previously.
- Click on the Upload new SAML Certificate file button. You will be prompted to select a file. Select the .pem file you downloaded from Google. The file should start with GoogleIDPCertificate-.
Copy the SAML Consumer URL to the clipboard.
Finish configuring Google
Return to the Google browser window and click the Next button.
Enter ScreenSteps as the Application Name then click "Next"
Enter Service Provider Details
In the Service Provider Details screen do the following:
- Paste the SAML Consumer URL you copied from the ScreenSteps Single Sign-on window into the ACS URL field.
- Enter the Entity ID for your ScreenSteps SSO endpoint.
- Set the Name ID to Basic information and Primary Email.
- Set the Name ID Format to EMAIL.
- Click Next.
You do not need to add any mappings. Click Finish.
Turn ScreenSteps SAML app on
Before you can test the SAML integration you will need to turn it on in Google Apps. From the settings page click on the menu to turn it on.
Test using the SAML Test URL
Switch back to the ScreenSteps window and copy the SAML Test URL. Paste it into a new browser window to test your Google SAML integration.
Once you have finished testing your endpoint click the Activate checkbox.