Configuring SAML Single Sign-On using G Suite

Password Manager Pro allows users to setup SAML Single Sign-On (SSO) and access Password Manager Pro using a single credential. Password Manager Pro allows you to configure SAML SSO for Okta, Azure AD, ADFS, and G Suite/Google Workspace.

Here, in this document, you will learn to configure SAML SSO in G Suite/Google Workspace:

Steps Required

Log in to G Suite using Super Administrator privileges and navigate to Apps >> Web and mobile apps.
Click Add app >> Add custom SAML app.
In the Add custom SAML app page,
1. Enter the App name, Description and choose an App icon.
2. Click continue.
3. Here, Download the Metadata file from G Suite and upload in Password Manager Pro.
  1. Log in to Password Manager Pro as an administrator and navigate to Admin >> Authentication >> SAML Single Sign-On.
  2. Under Configure Identity Provider Details, Browse and Upload IdP metadata file.
    [OR]
  3. To update the values manually, open Password Manager Pro and navigate to Admin >> Authentication >> SAML Single Sign On.
  4. Under Configure Identity Provider Details, mention the SSO URL from G Suite as IdP Login URL in Password Manager Pro and Entity ID from GSuite as Issuer in Password Manager Pro.
4. Click continue.
5. Now, to configure SAML, mention the service provider details.
  1. To access these details, go to Password Manager Pro homepage and select Admin >> Authentication >> SAML Single Sign On.
  2. Under Service Provider Details, you will find Entity Id, Assertion Consumer URL; copy the values.
    
    Note: By default, the Assertion Consumer URL is the hostname of the server. To update this, follow the below steps:
    1. Go to Admin >> Settings >> Mail Server Settings.
    2. Under Access URL, update the required URL and click Save.
    3. Now, the Assertion Consumer URL under Service Provider Details will be updated.
6. Go back to Add custom SAML app page.
  1. Enter Assertion Consumer URL from Password Manager Pro under ACS URL and Entity ID from Password Manager Pro under Entity ID.
  2. You can also mention the Name ID Format and Name ID here.
    
    Note: We can update FQDN/IP/SAN name of the Password Manager Pro UI here and not the hostname.
  3. Click Continue.
7. You can update the Google directory attributes with Password Manager Pro App attributes now or you could choose to update them later.
8. Click Finish. Now, you have successfully set up your custom SAML application in G Suite.
The User access is turned OFF for Everyone by default. To turn it on, click User access, select ON for Everyone and click SAVE.
The final step is to enable SAML SSO in Password Manager Pro.

Navigate to Admin >> Authentication >> SAML Single Sign On.
Under Enable / Disable SAML Single Sign On, click Enable SAML SSO.

You have successfully enabled SAML SSO using G Suite in Password Manager Pro.


Configuring SAML Single Sign-On using G Suite Password Manager Pro allows users to setup SAML Single Sign-On (SSO) and access Password Manager Pro using a single credential. Password Manager Pro allows you to configure SAML SSO for Okta, Azure AD, ADFS, and G Suite/Google Workspace. Here, in this document, you will learn to configure SAML SSO in G Suite/Google Workspace: Steps Required Log in to G Suite using Super Administrator privileges and navigate to Apps >> Web and mobile apps. Click Add app >> Add custom SAML app. In the Add custom SAML app page, Enter the App name, Description and choose an App icon. Click continue. Here, Download the Metadata file from G Suite and upload in Password Manager Pro. Log in to Password Manager Pro as an administrator and navigate to Admin >> Authentication >> SAML Single Sign-On. Under Configure Identity Provider Details, Browse and Upload IdP metadata file. [OR] To update the values manually, open Password Manager Pro and navigate to Admin >> Authentication >> SAML Single Sign On. Under Configure Identity Provider Details, mention the SSO URL from G Suite as IdP Login URL in Password Manager Pro and Entity ID from GSuite as Issuer in Password Manager Pro. Click continue. Now, to configure SAML, mention the service provider details. To access these details, go to Password Manager Pro homepage and select Admin >> Authentication >> SAML Single Sign On. Under Service Provider Details, you will find Entity Id, Assertion Consumer URL; copy the values. Note: By default, the Assertion Consumer URL is the hostname of the server. To update this, follow the below steps: Go to Admin >> Settings >> Mail Server Settings. Under Access URL, update the required URL and click Save. Now, the Assertion Consumer URL under Service Provider Details will be updated. Go back to Add custom SAML app page. Enter Assertion Consumer URL from Password Manager Pro under ACS URL and Entity ID from Password Manager Pro under Entity ID. You can also mention the Name ID Format and Name ID here. Note: We can update FQDN/IP/SAN name of the Password Manager Pro UI here and not the hostname. Click Continue. You can update the Google directory attributes with Password Manager Pro App attributes now or you could choose to update them later. Click Finish. Now, you have successfully set up your custom SAML application in G Suite. The User access is turned OFF for Everyone by default. To turn it on, click User access, select ON for Everyone and click SAVE. The final step is to enable SAML SSO in Password Manager Pro. Navigate to Admin >> Authentication >> SAML Single Sign On. Under Enable / Disable SAML Single Sign On, click Enable SAML SSO. You have successfully enabled SAML SSO using G Suite in Password Manager Pro.