The OpsLevel Single Sign-On authentication method can be used with your organization’s existing Google G Suite account by configuring a SAML application. Below are the detailed steps on how to get started using G Suite and SAML
Note: You will need to be a Administrator on your Google account. You will also need access to your SAML Endpoint URL located in the Authentication Method section of your Account Settings. Only admin users will have access to this section.
To set up a G Suite SAML application, first:
1. From the G Suite admin console, navigate to Apps.
2. Click the SAML Apps card.
3. You will be presented with a list of existing SAML Apps (if you have any). Click the + button in the bottom right of the screen to create a new SAML App.
4. Select SETUP MY OWN CUSTOM APP
5. You will see the following screen. You will need to save the SSO URL and download the Certificate for use later in this guide. Click Next when you are ready.
6. Enter OpsLevel in the Application Name field.
7. (Optional) Upload an App Logo to be displayed to your employees. You can find ours here. Click Next when done.
8. Paste your SAML Endpoint URL located in the Authentication Method section of your Account Settings into the ACS URL field.
9. Enter opslevel into the Entity ID
10. Configure Name ID to be Primary Email and Name ID Format to be Email. Click Next when finished.
11. Configure the following email, first_name, and last_name attributes to be sent with the SAML Response. Select Finish to complete the setup.
12. Open the Settings for your new SAML APP, and enable for everyone in your organization
13. Next we’ll configure the SAML settings inside of OpsLevel. Navigate to your Account Settings.
14. Copy the SSO URL saved previously and paste it into the OpsLevel Identity provider sign in URL field.
15. Use the previously saved Certificate as the input for the X.509 certificate field under the Authentication Method portion of your OpsLevel account settings and click save.
16. Test out your brand-new G Suite App!
If you are having trouble setting up your single sign-on in any way, send us an email at [email protected] and we’ll be happy to help debug and diagnose any issues.
Updated about 1 year ago