Open the SSO Settings in GoodAccess Control panel -> Settings -> Login & Security
Click Add App and then Add custom SAML app.
Enter the name of your app (it is up to you), and upload a logo if you wish.
On the Google Identity Provider details page, you will be asked to provide the SSO URL, entity ID, and certificate.
Open the SSO Settings in the GoodAccess Control panel (Step 1), and copy the information as follows:
- Sign in URL – SSO URL (previous step)
- Entity ID – Entity ID (previous step)
- X509 Signin certificate – Certificate (previous step)
Click Continue in the admin Google workspace and prepare (copy) following details from the GoodAccess Control panel:
- Service Provider Links
- Assertion Consumer Service URL
- Login URL (there is only slash)
Now copy the previous details to the Google Workspace Admin Console.
- Acs URL - Assertion Consumer Service ULR (previous screen)
- Entity ID – Service provider links Entity ID (previous screen)
- State URL - Login URL
- Name ID format – enter "UNSPECIFIED"
- Name ID – enter "Basic Information > Primary email"
- (First line)Basic information – Primary email -> App attributes – enter "email"
- (Second line) Basic information – First name -> enter "name"
Open the created App in Google Workspace and click on "OFF for everyone"
Change to "ON fore everyone" and Save the changes.