Google Workspace (SSO)

 

Step 1

Sign in to the Google Workspace Admin portal using your Google administrator account and navigate to the "Menu" -> "Web and mobile apps" -> "Add custom SAML app".


Step 2

Enter the name of the application (e.g. ISL Cloud) and click Continue.


Step 3

Download the Metadata.xml file by clicking the Download Metadata button, then click Continue

Note: The Metadata.xml file can also be downloaded later.


Step 4


Set the following fields:

ACS URL (Assertion Consumer Service URL): https://www.islonline.net/sso/saml/sp/domain/<domain>/acspost
Entitiy ID: https://www.islonline.net/sso/saml/sp/domain/<domain>/metadata.xml
Start URL (Optional): https://account.islonline.net/users/isllight/start.html

Note: When copying the ACS URL, Entity ID and Start URL, double-check for empty spaces in front and at the back of the string. If there are empty spaces left in the string, the SSO login will not work later in the process. 

Use the SAML 2.0 endpoint URLs that we have provided to you over email, those will contain your actual domain name instead of <domain>.

Important: The NameID field should be left default, as it will keep the Primary email as the unique NameID identifier.


Step 5

When a user authenticates, Google Workspace will issue a SAML token to ISL Online Cloud, that contains unique information about the user. The unique User Identifier (NameID), which we have set up in the previous step specifies the claim, which will uniquely identify the user on the ISL Online Cloud (e-mail). Unique User identifier and email are mandatory user claims.

Username (mandatory): Unique User Identifier (NameID in the previous step)
Primary email (mandatory): email
First name (optional): first-name
Last name (optional): last-name

Group membership (optional): groups

Store the SAML claim names (right-hand side column on the screenshot above) as you will need to include them to the email sent to ISL Online support team later (You can attach a screenshot when providing the claims).


Step 6

Users must first be assigned to the application before being able to access it. Select User Access from the app menu and add users or user groups, who will have access to your ISL Online Cloud application.

After you configure the application access, click Save.


Step 7

You are now finished with the basic Google Workspace configuration, download the Metadata.xml file by clicking on the Download Metadata button. Store the file as you will need to include it to the email sent to ISL Online support team later.

Proceed with Step 6 of the Basic SSO configuration.


Was this article helpful?

Cookie Consent

We use cookies to ensure the proper functioning of our website (essential cookies) and, with your consent, for other purposes (functional and other cookies) as outlined in our Cookie Policy and Privacy Policy. You can update your cookie preferences at any time.