Setup Single Sign On (SSO) with GSuite using SAML
Setup Single Sign On (SSO) with GSuite using SAML
A step by step guide on how to setup Single Sign On (SSO) with Google's GSuite using SAML
Written by Suey Stockton
Updated over a week ago
Create a new Damstra Learning Plugin
- Login as an Admin into Damstra Learning.
- Go to Admin, Integrations, Plugins.
- Click Add Plugin.
- Click SAML 2.0.
- Enter a name for the plugin that will be visible on the login screen. For example; "Google".
Create a SAML App in GSuite
- In a new tab, go to https://admin.google.com and login with your credentials.
- Click on Apps.
- Click on SAML apps.
- Click the plus on the bottom right.
- Click Setup My Own Custom App.
- Copy the Entity ID. (not the SSO URL).
- Under Option 2, download the IDP metadata.
- Click Next.
- Name the application Damstra Learning.
- Switch back to the Damstra Learning Tab.
- Paste the Entity ID in your clipboard into the Issuer URL field.
- Upload the metadata you downloaded before.
- Copy the Single Sign On URL.
- Switch Back to the GSuite Tab.
- Paste the Single Sign On URL into the ACS URL and Entity ID fields.
- Check the Signed Response checkbox.
- Click Next.
- Click Add New Mapping and map the following fields.
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname-> First Name
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname -> Last Name
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress -> Primary Email
- http://schemas.xmlsoap.org/claims/Group -> Department (optional)
Finishing Up
- Click Finish.
- Go back to the Velpic tab.
- Check the Auto-create new user's field if you want to.
- Click Save.