Skip to main content

Google Auth Integration for SAML 2.0

Lauren Wagner
Updated

This document outlines how to configure Google for SAML 2.0 SSO integration with Cleary.

NOTE: There are two environments: sandbox and production. Sandbox is hosted at pre-gocleary.com and production is hosted at gocleary.com Each environment will need its own Google Auth configuration - please send over both. 

Watch a screencast showing the steps below

Step 1 - Create New App in Google

  1. Log in to the Google admin dashboard
  2. select "Apps" from the sidebar menu
  3. then select "Web and Mobile Apps" from the following list
  4. Select "Add App" and then "Add custom SAML app".
  5. Give the app a descriptive name and upload an icon, if applicable. Click "Continue".
  6. Copy the SSO URL and the Certificate and paste them into a file that’ll be shared with Cleary later. Then click Continue.
    Screen_Shot_2023-01-29_at_10.10.35_PM.png 
  7. For the ACS and Entity ID put the same URL below, accordingly to what environment you are setting up:
    1. Sandbox: https://your-cleary-subdomain.pre-gocleary.com/auth/saml/callback
    2. Production: https://your-cleary-subdomain.gocleary.com/auth/saml/callback
  8. Set “Name ID Format” to EMAIL then click Continue
  9. Click Add Mapping
  10. Select Primary Email on the left field and set ‘uid’ to the right field
    Screen_Shot_2023-01-29_at_10.10.44_PM.png 
  11. Click Finish

 

Step 2 - Give Users Access

  1. Click on the “User Access” Section
  2. Set up the access as you wish



Step 3 - Test your new SAML Application

  1. Click this TEST SAML LOGIN button
    Screen_Shot_2023-01-29_at_10.10.51_PM.png 
  2. It should redirect you to the Cleary App if it’s working fine. You won’t be authenticated yet, it’s just a test to make sure you set it up correctly. Note: It can take several minutes before it starts working, then make sure you wait perhaps 30min to try again before you consider it’s wrong.

 

Step 4 - Add Credentials to Cleary

  1. Open the Cleary App
  2. Navigate to the Admin > App Integrations page
  3. Expand the Authentication section
  4. Click the ‘Configure SAML’ button (if you don’t see it, you probably need to disable one of the other authentications types)Screen_Shot_2023-01-29_at_10.11.05_PM.png 
  5. Fill in the fields in the form and click Install
    Screen_Shot_2023-01-29_at_10.11.16_PM.png
  6. Additionally, make sure you add the allowed email login domains for your company. People can’t log in if their email domain is not on this list

Screen_Shot_2023-01-29_at_10.11.24_PM.png

Was this article helpful?

0 out of 0 found this helpful
Return to top

Related articles

Powered by Zendesk