G Suite SAML Setup

Introduction

Multi-Factor Authentication (MFA) is an extra layer of security used when logging into websites or apps. Individuals are authenticated through more than one required security and validation procedure that only you know or have access to.

This guide gives an overview of how to configure G Suite to work with Acceptto’s SSO service, which allows access to G Suite using the Acceptto appliance. You will be configuring G Suite to act as a Service Provider and configuring Acceptto to act as a SAML Identity Provider.

Pre-Requisites
  1. An Acceptto Appliance connected to your user directory (for example Microsoft ‘Active DirectoryTM’).
  2. The user population that is going to be authenticated via SAML must be enrolled in the It’sMe Application.
  3. A G Suite user account with administrative access.
  4. A user with administrative privileges for the Acceptto Appliance.
Acceptto SAML Configuration as Identity Provider (IdP)
  1. Login to the Acceptto Appliance admin panel with an administrative account and go to Applications.
  2. Create a new application by selecting the Create New Application.
  3. In the Add Application dialog, enter the following values:
    • App Name - The application name displayed in the admin panel and application portal (e.g., GSuite).
    • Issuer or Entity ID – The Issuer/EntityID of your G Suite instance (e.g., google.com/a/YOUR-DOMAIN).
    • Sign in URL - The link used by your users to access the G Suite apps (e.g., google.com/a/YOUR-DOMAIN).
    • Metadata URL - The URL containing metadata about your G Suite instance (e.g., https://www.google.com/a/YOUR-DOMAIN/metadata )
  4. Click Save to create the Application.
  5. Select the Show ID Provider Data and copy the information shown on this page.
Configure G Suite as a Service Provider
  1. Login to your GSuite admin console.
  2. Select Security and click on Set up single sign-on (SSO).
  3. Select Setup SSO with third party identity provider and fill the fields with the information you got earlier.
    • Sign-in page URL - for example, https://saml.acceptto.com/saml/auth
    • Sign-out page URL - for example, https://saml.acceptto.com/saml/logout
    • Verification certificate - click add file and select the certificate file you got earlier from the Acceptto appliance.
  4. Select Save.
Test your setup
  1. Go to your Google App link. You will be redirected to the Acceptto SAML page.
  2. After successful authentication, you’ll see the Acceptto MFA options, select your desired method. Then, pass the verification stage on your It’sMe mobile app.
  3. Finally, you will be redirected to your Google app landing page.
Support

If you require assistance, please email us at support@acceptto.com

Sales

Want to learn more about our MFA solutions? Contact our Professional Services for a Demo today.

Disclaimer

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product, and service names used in this document are for identification purposes only. The use of these names, trademarks, and brands do not constitute an endorsement by the Acceptto Corporation.

Microsoft, and 'Active Directory' are either registered trademarks or trademarks of Microsoft and/or one or more of its subsidiaries in the United States and/or other countries.