SSO with Google G Suite

Configure Google G Suite as a SAML identity provider.

The OpsLevel Single Sign-On authentication method can be used with your organization’s existing Google G Suite account by configuring a SAML application. Below are the detailed steps on how to get started using G Suite and SAML

Setting up an G Suite SAML Application

Note: You will need to be a Administrator on your Google account. You will also need access to your SAML Endpoint URL located in the Authentication Method section of your Account Settings. Only admin users will have access to this section.

OpsLevel Authentication Method SAML Endpoint URL

To set up a G Suite SAML application, first:

1. From the G Suite admin console, navigate to Apps.

2. Click the SAML Apps card.

G Suite App Screen

3. You will be presented with a list of existing SAML Apps (if you have any). Click the + button in the bottom right of the screen to create a new SAML App.

G Suite Add App Screen


G Suite Setup Custom App

5. You will see the following screen. You will need to save the SSO URL and download the Certificate for use later in this guide. Click Next when you are ready.

G Suite SSO App Information Screen

6. Enter OpsLevel in the Application Name field.

7. (Optional) Upload an App Logo to be displayed to your employees.

G Suite SSO App Creation Screen

8. Paste your SAML Endpoint URL located in the Authentication Method section of your Account Settings into the ACS URL field.

9. Enter opslevel into the Entity ID

10. Configure Name ID to be Primary Email and Name ID Format to be Email. Click Next when finished.

G Suite Configure OpsLevel SAML settings

11. Configure the following email, first_name, and last_name attributes to be sent with the SAML Response. Select Finish to complete the setup.

Finish SAML settings

12. Open the Settings for your new SAML APP, and enable for everyone in your organization

G Suite Enable App for Organization

13. Next we’ll configure the SAML settings inside of OpsLevel. Navigate to your Account Settings.

14. Copy the SSO URL saved previously and paste it into the OpsLevel Identity provider sign in URL field.

15. Use the previously saved Certificate as the input for the X.509 certificate field under the Authentication Method portion of your OpsLevel account settings and click save.

OpsLevel Authentication Method SAML X509 Certificate and Endpoint URL

16. Test out your brand-new G Suite App!

If you are having trouble setting up your single sign-on in any way, send us an email at [email protected] and we’ll be happy to help debug and diagnose any issues.