GSUITE – UPSSO SAML INTEGRATION GUIDE
This document provides the instructions for setting up UPSSO as a Third Party IDP to GSUITE application using SAML protocol.
PREREQUISITES
Administrator access to the UPSSO portal.
Administrator access to the GSUITE application.
CONFIGURING GSUITE IN UPSSO
Login to the UPSSO portal as an administrator.
Click on the “Application Management” menu and then click the new record button and select SAML application as highlighted below.
3. Click on the “GSuite” icon, Add this application.
4. Enter the GSuite domain name and click on the “SAVE” button.
DOWNLOADING UPSSO (IDP) CERTIFICATE
Login to the UPSSO portal as an administrator.
Click on the “IDP Resources” => “IDP Resources” from the left side menu.
Click on the “DOWNLOAD IDP CERTIFICATE” button.
4. A certificate file “server.crt” will be downloaded. Please keep this file as we need to import this certificate in GSuite next section.
CONFIGURING UPSSO IN GSUITE
Login into https://admin.google.com/
Click on “Security” from the menu.
Click on the “Set up single sign-on (SSO) with a third party IdP” option.
4. Select the checkbox “Set up SSO with third-party identity provider”.
5. Enter “Sign-in page URL” as “https://<UPSSO_SERVER_HOST>/upsso/upsso-service”.
6. Enter “Sign-out page URL” as “https://<UPSSO_SERVER_HOST>/upsso/logout”.
7. Upload the verification certificate (The server.crt file download in the above section)
8. Select the checkbox “Use a domain-specific issuer”.
9. Click on the “SAVE” button.
10. Look at the following screenshot for reference
TESTING THE INTEGRATION
Login into the UPSSO portal as a user (The mail id of this user should exist in GSuite)
Click on the “Application” from the left side menu.
Click on the “GSUITE” icon.
4. Enter the OTP
5. The user will be logged in to the GSUITE application.