Set Up SAML with Google Google Workspace
This document outlines the process to register DeployGate as a SAML app in Google Workspace.
This operation requires “Administrator” privileges.
First, log in to Google Workspace’s Google Admin Console. After selecting Apps, select SAML Apps, and click Add button.
The SAML Application setup wizard will appear. In Step 1, select Setup My Own Custom App.
In Step 2, Google’s IdP Information will appear. Please enter this information into DeployGate’s SAML authentication settings wizard.
Enter the SSO URL into the IdP SSO Target URL field and the Entity ID into the IdP Entity ID field. Download the certificate and upload it to DeployGate. Please use a clear and descriptive name for the IdP Name.
After moving to Step 2 of the DeployGate Settings page, please click “Next” on the Google Workspace Settings screen to proceed to the next Step.
Enter the SAML app’s basic information in Step 3.
Enter DeployGate for the Application Name. For Upload logo, upload the logo image file downloaded from Step 3 of the DeployGate Settings page.
In Step 4, enter the information for DeployGate as the Service Provider. This information is available in Step 3 of the DeployGate Settings.
Enter the ACS URL” in the “ACS URL field, Entity ID in the Entity ID field, and SSO URL in the Start URL field.
Check the box for Signed Response. Select Basic Information - Primary Email for the Name ID and select Persistent for the Name ID Format.
After entering the information, proceed to Step 5 of the Google Workspace Settings. Please remain on Step 3 for the DeployGate Settings.
In Step 5 of the Google Workspace Settings, configure user mapping. Provide the user’s email address using the email attribute. Click Finish when you’ve completed the configuration.
Previously, we used email addresses to identify Enterprise users, but as of August 2021, we started to use Persistent IDs. We will contact affected customers about the expiration of their old authentication settings. Please update your settings as soon as possible.
If the configuration is successful, Google Workspace’s SAML App Settings will be enabled.
Move to the DeployGate Settings, clicking on Enable SAML authentication will redirect you to the Google Workspace login screen, and SAML authentication will be enabled.
However, at this point, only administrators can use DeployGate’s SAML authentication. To enable SAML authentication for all or specific organizational units, click Edit Service in the SAML App Settings. Select the applicable audience (all or specific organizational units) and click “ON for everyone” to enable the service. Once enabled, users can use the dedicated Enterprise login page to log in to DeployGate.
