How to Set Up Single Sign-on With Google Apps
Oktopost allows users to set up Single Sign-on using SAML 2.0. In this article we'll walk you through how you can set up a custom SSO app with Google Apps
Single sign-on (SSO) lets users sign in to all their enterprise cloud applications using their managed Google account credentials.
Set up your own custom SAML app
- From the Google Admin console Home page, go to Apps > SAML Apps.
To see Apps on the Home page, you might have to click More controls at the bottom. - Click the Add icon at the bottom right.
- Click Set up my own custom app.
The Google IDP Information window opens and the SSO URL and Entity ID fields automatically populate. - Get the setup information needed by Oktopost using this method:
- Copy the SSO URL and Entity ID and download the Certificate.
- In a separate browser tab or window, sign in to Oktopost and go to https://app.oktopost.com/setup/sso to enter the above information for the fields below:
- SAML Endpoint: SSO URL
- Issuer URL: Entity ID
- X.509 Certificate: Upload the downloaded Certificate here
- Click Save
- Return to the Google Admin console.
- Click Next.
- In the Basic information window, set the Application Name as Oktopost and add a Description.
- (Optional) Upload a PNG or GIF file to serve as an icon for your custom app. The icon image should be 256 pixels square.
You can open and save the Oktopost logo to use for this purpose here. - Click Next.
- In the Service Provider Details window, enter the following:
- ACS URL: https://app.oktopost.com/auth/acs
- Entity ID: https://app.oktopost.com
- Start URL: Leave this empty
- Click Next.
- Click Finish.
Turn on SSO to your new SAML app
- From the Google Admin console Home page, go to Apps > SAML Apps.
To see Apps on the Home page, you might have to click More controls at the bottom. - Select your new SAML app.
- At the top right of the gray box, click the Edit Service icon (it looks like a pencil).
- To apply settings to all organizations, click On for everyone or Off for everyone, and then click Save.
- To apply settings to individual organizational units, do the following:
- At the left, select the organizational unit that contains the users whose settings you want to change.
- To change the setting, select On or Off.
- To keep the setting the same, even if the parent setting changes, click Override.
- If the organization's status is already Overridden, choose an option:
- Inherit: Reverts to the same setting as its parent.
- Save: Saves your new setting (even if the parent setting changes).
Learn more about Google's organizational structure.
Ensure that your user account email IDs match those in the domain for your Google service.