Ask the Community
Groups
Adding G-Suite to Passly - Connect IT Community | Kaseya
<main> <article class="userContent"> <p>Passly can support most Identity Provider (IdP) Init web applications that support SAML 2.0. Out of the box, Passly ships with support for G suite, formerly known as Google Apps.</p> <p>First, we are going to enable and configure the app in SSO.</p> <ol><li>Log into your Passly tenant as an administrator, and browse to SSO Manager</li> <li>Select the Add application icon in the bottom right corner.<br>In the list, search for "Google" and you will see the application named "Google Apps".</li> </ol><p><img src="https://us.v-cdn.net/6032361/uploads/migrated/32QXC6AQ29BR/clip2.jpg" alt="clip2.jpg" class="embedImage-img importedEmbed-img"></img></p> <p><strong>Note:</strong> The application may be named Google Apps in the catalog and can simply be renamed once added.</p> <ol><li>Check the box to Enable the application and select the Protocol Setup tab.</li> <li>Edit the "Assertion Consumer Service URL" to reflect your G-Suite domain - <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fwww.google.com%2Fa%2FYourGoogleDomain.com%2Facs">https://www.google.com/a/YourGoogleDomain.com/acs</a></li> <li>Edit the "Service Entity ID (issuer)" field to simply be "Google.com" as seen below</li> <li>Advanced Settings, Set Signing algorithm to SHA-256 and Fixed relay state to your G-Suite domain - <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fwww.google.com%2Fa%2FYourGoogleDomain.com%2Facs">https://www.google.com/a/YourGoogleDomain.com/acs</a></li> </ol><p><img src="https://us.v-cdn.net/6032361/uploads/migrated/ZS7NOTDJPKFQ/clip0.jpg" alt="clip0.jpg" class="embedImage-img importedEmbed-img"></img></p> <p> </p> <p><strong>Note</strong>: Replace "<em>YourGoogleDomain.com</em>" with your Google Apps Domain.</p> <ol><li>Select the "Add Application" link at the bottom right.</li> <li>Once added to your list, select once more for further configuration.</li> <li>Select the "Permissions" tab and add groups that will have permissions to access this application.</li> <li>Select the "Signing and Encryption" tab<br>Download a copy of the certificate for your tenant. This certificate file will be imported into the G-Suite application itself.</li> </ol><h3 data-id="configuring-google-apps">Configuring Google Apps</h3> <p>Note: the following steps for configuring G-Suite can also be found <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fsupport.google.com%2Fa%2Fanswer%2F6349809%3Fhl%3Den%26ref_topic%3D6348126">here</a></p> <ol><li><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fsupport.google.com%2Fa%2Fanswer%2F182076">Sign in to the Google Admin console. </a></li> <li>Click <strong>Security > Advanced settings</strong>. <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fsupport.google.com%2Fa%2Fanswer%2F3052550"><sup>Where is it?</sup> </a> </li> <li>Check the <strong>Setup SSO with the third-party identity provider</strong> box.</li> <li>Enter the following URLs to your Passly tenant as outlined below:<br><br>Sign-in URL: <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28your">https://(your</a> tenant).my.passly.com/trust/Launch<br><br>Sign-out URL: <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28your">https://(your</a> tenant).my.passly.com/apps</li> </ol><p><img src="https://us.v-cdn.net/6032361/uploads/migrated/YLICO48UOBKV/g-suite-g-sso.jpg" alt="g-suite-G-SSO.jpg" class="embedImage-img importedEmbed-img"></img></p> <ol><li>Upload the certificate that you downloaded from your tenant using the Choose file and Upload links in the <strong>Verification Certificate</strong> area.</li> </ol> </article> </main>