How to implement SAML based SSO using Google Workspace
This tutorial explains how to implement SAML-based SSO using Google Workspace.
This is an SSO using SAML authentication, with Google Workspace as the IdP and Kuroco as the SP.
It is required that you have a Google Workspace account.
Add SP settings on Kuruco management page.
First of all, add SP settings on Kuroco's management page.
1. Access SSO SAML SP setting page
Refer to SSO SAML SP edit to access the SAML SP edit page.
2. Add SP setting
Input the followings in SSO SAML SP edit page and click [Add] button.
- Login SAML SP Name: your preferred name.
- Entity ID: your preferred ID.
- Enable: Uncheck it.
- (For API) Generate grant token: Select and check the desired ones.
- Automatically Register User：Check it.
- Allow IDP Initiated Flow: Check it.
Google Workspace management page setting
Next is the SAML integration setting on Google Workspace management page.
- Make sure to login with Google Workspace admin account for the following procedures.
- The screen may change depending on Google specification.
4. Create custom app
Input the followings and click [continue].
- App name
- App icon
6. Input the SP information
Input the following information:
- ACS URL: Paste "Login SAML SP ACS URI" which you copied on Kuroco management page at step 3.
- Entity ID: Paste "Entity ID" which you copied on Kuroco management page at step 3.
- Start URL: the URL after login such as /sample.
- Signed response: Check it.
- Name ID format: Select "EMAIL".
- Name ID: Select "Basic Information > Primary Email".
Click [CONTINUE] once completed.
Setup the followings:
- Basic Information / Last name：name1
- Basic Information / First name：name2
Click [FINISH] once completed.
Google Workspace setup has been completed.
Setup IdP information on the SP edit page on Kuruco management page.
On Kuroco's management page, access the SSO SAML SP editpage.
How to use
You can use SAML login here.