Google as an identity provider
After enabling Devo as a service provider, you can set up Google as an identity provider for SAML SSO.
To activate Google as an identity provider for SAML authorization, you need a Google administrator account.
Log in to the Google Admin console and click Apps, then select SAML apps.
Click the + icon in the bottom right corner of the screen to create a new SAML application.
- The first window in the setup process appears. Select Setup my own custom app.
The next window displays the Google SSO URL, Entity ID, and Certificate. Copy the SSO URL and Entity ID, and download the Certificate for use later.
In the Devo Platform, go to Preferences → Domain preferences → Authentication. Paste the SSO URL and Entity ID into the corresponding fields of the Identity Provider area.
Return to the Google process and click Next. In the following window, enter an Application Name (for example, SAML2 Devo access) and a Description for your custom SAML app and click Next.
The Service Provider Details window appears. Return to the Devo Platform, copy the Home URL, ACS URL and Entity ID from the Service Provider area and paste them into the corresponding fields of the Google Admin console.
Select Basic information and Primary Email in the Name ID field of the Google Admin console. The Name ID Format field must match the one selected in Devo (By default UNSPECIFIED). Click Next.
Click Finish in the next window. Then, to activate the newly created SAML app, click the ellipsis icon and select ON for everyone.
- Finally, open the previously downloaded certificate using a text editor, then copy its content and paste it into the Add certificate field in Devo.
- Click Update to finish the process.