Google Workspace (also referred to as G-suite) is a suite of cloud-based identity productivity tools which supports Single Sign-On (SSO) with Enable, to simplify and secure user authentication.
If you are interested in using SSO with Google Workspace but have not yet discussed your requirements with Enable, please reach out to the reach out to the Enable Support team.
This article will guide you through:
Looking for something else?
-
Looking to understand which users are logging in with SSO? Learn how to track SSO via the user activity log here.
-
Alternatively, see our Help Center for more on SSO.
Requirements for integrating SSO with G-suite
In order to integrate SSO with G-suite for Enable, you must have:
-
A Google Workspace Admin Account. Ensure that you have admin access to the google workspace console.
-
Administrative access to the Google Workspace console to configure SSO.
Note: If your organization is not registered with G-suite, you must set up a Google Workspace account. This registration is required for making use of the SAML 2.0 features offered by Google. For more details, visit Google Workspace here.
SSO information provided by Enable
To set up SSO with Enable, the following information is required for configuration on your end. Enable will provide the below SSO credentials.
SSO Credentials |
Description |
Entity ID |
The unique identifier for the SAML application in Enable. This is used to identify the application during login. |
Sign-on URL |
The SAML SSO URL where users are re-directed to start the login process. This is the same link as the SSO login URL for your users. |
ACS URL |
The URL where SAML assertions (login information) are sent after users have successfully logged in. Enable sends the SAML response to this URL to complete the login process. |
Logout URL |
The URL where users are redirected after logging out. This ensures that users are signed out from Enable and any other applications integrated with Google Workspace. |
Enable public service certificate |
The certificate used to securely send and verify login information. Ensures that SSO assertions are secure and can be verified by the application. |
Tip: If preferred, to simplify the configuration process, you can also request the Enable metadata XML file from Enable that includes all of the above credentials.
SSO steps you need to follow
The following instructions provide you with a step by step process to assist in the configuration of SSO for Enable ensuring a seamless and secure integration process.
Step 1: Login to Google Admin Console
-
Navigate to the Google Admin Console and log in with your administrators credentials.
-
Click Apps and select Web and mobile apps.
-
Click on Add app and select Add custom SAML app.
-
Enter Enable and upload a logo if desired.
-
Click Continue.
-
Once created, you are re-directed to the Google IdP Information page.
Step 2: Configure SSO settings
-
The SSO URL, Entity ID and Certificate fields are automatically populated. These credentials will be used to configure SSO in Enable.
-
Click Continue.
-
On the Service Provider Details page, configure the SSO credentials provided by Enable including the Entity ID, ACS URL, and Start URL (Sign-on URL).
-
Ensure that Signed Response is checked. This ensures that the SAML response is signed with the certificate, providing an additional layer of security.
Tip: On the Google IdP Information page, you have the option to download the Federation Metadata XML file to give to Enable. This includes the certificate and all the credentials needed to set up SSO on Enable’s side.
Step 3: Set Name ID and Mapping
-
On the Name ID page, configure the Name ID Format as Email and the Name ID as Primary Email.
-
Click Continue.
Step 4: Configure Attribute Mapping (optional)
-
On the Attribute Mapping page, add any additional attributes required by Enable. For example, first name, last name, phone number and job title.
-
Click Finish.
Step 5: Activating SSO for Enable
-
After configuring the SAML application (Enable), navigate back to Apps > Web and mobile apps.
-
Click on User Access.
-
Select ON for everyone and click Save. If preferred toggle the settings to turn on the Enable app for specific groups as needed. For more information, visit Google Support here.
Note: By default, the Enable app you created is turned off and is not visible to the users signed in to your Google domain account.
Step 5: Assign Users and Groups
-
Navigate to Apps > Web and mobile apps.
-
Select Enable.
-
Click Manage user access.
-
Assign the users or groups that need access to Enable.
What’s next?
Ready to verify that SSO is working? Learn more about testing and troubleshooting SSO here.