Configuring Single Sign-On (SSO) for Ostendio Platform using SAML with Google Apps (Security Assertion Markup Language)

Using Security Assertion Markup Language (SAML), you can use your G Suite credentials to sign in to enterprise cloud applications via Single Sign-On (SSO).

Configuring Single Sign-On (SSO) for Ostendio Platform using SAML with Google Apps

Using Security Assertion Markup Language (SAML), you can use your G Suite credentials to sign in to enterprise cloud applications via Single Sign-On (SSO).

Note: Google states that SAML apps may take up to 24 hours to propagate to all users.

  1. Sign in to your Google Admin console using your administrator account
  2. Select “SAML Apps” under “Apps”
  3. Select the Add a service/App to your domain or click the plus (+) icon in the bottom corner
  4. Click Setup my own custom SAML App
5. Download the IDP metadata and save it (this will be used in later steps) 

6. Go back to the admin console and click Next
7. In the Basic Application Information window, enter application name as “Ostendio Platform” and enter a short description.
    • Click “Choose file” next to the Upload Logo field to upload a PNG or GIF file to serve as an icon.
    • Ostendio logos are available at https://www.ostendio.com 

8. In the Service Provider Details window, enter the following information
    • ACS URL
      • This is the SSO URL for SAML.
      • https://<your-domain>.ostend.io/main/resultssogateway.aspx
    • Entity ID
      • Same as ACS URL
    • Start URL
    • Signed Response
      • Leave unchecked
    • Name ID
      • “Basic Information” should be set to “Primary Email”
    • Name ID Format
      • Select “Email” 
9. Click Next to proceed

 

10. Do not make any changes on this screen and click Finish
11. Click OK and close the window

 

12. On the next screen click the setting icon and choose ON for everyone

13. Back in Ostendio:
    • In System Settings, select the edit icon next to Single Sign On
    • Toggle Single Sign On to On
    • Choose Google
    • Select SAML under ‘SSO Protocol’
    • Upload your Idp or certificate that you downloaded in step 5 (required)
    • Click Save to complete