Google Workspace SAML setup

Enable your Google Workspace (formerly G Suite) users to access Trelica with Single-Sign-On (SSO).


Add Trelica to Google Workspace

Create the SAML application in Google Workspace

Log in to your Google Admin Console and select Apps.

Select Web and mobile apps.

Click Add App and select Add custom SAML app.

If you cannot see Add custom SAML app in the list then you will need to enable Cloud Identity on your Google Workspace Account.

In the App name field enter Trelica. You can download a Trelica logo to upload as the App icon.

Click Continue.

Google Identity Provider details

Click Option 1: Download Metadata to download the Google IDP metadata. This is a file which tells Trelica how to configure the Google Workspace SAML connection:

Configure Trelica

The next step involves putting the IDP metadata you downloaded from Google Workspace into Trelica.

  1. Open Trelica in a new browser tab, as you will need to switch back to Google Workspace shortly.
  2. Log in to your Trelica site, and then go to Admin > Settings > Users > SAML providers:SAML providers.png
  3. Click New. The New SAML Identity Provider dialog is displayed.
  4. In the Name field enter Google Workspace and ensure the Metadata type is set to Metadata.SAML identity provider Google Workspace.png
  5. Open the IDP metadata that you downloaded from Google Workspace in a text editor (e.g. Notepad or Visual Studio Code), and cut Ctrl + Xand paste Ctrl+ V the contents of the file into the Metadata field.
  6. Click Create.

Finalize configuration in Google Workspace

For this step you will need the ACS URL and the Entity ID from Trelica. You can copy these from the Users Settings page:

SAML ACS URL.png

Service Provider details

Return to Google Workspace and click Continue to move to the third step, Service Provider Details. Paste Ctrl + V the URLs from Trelica into the applicable fields.

Under the Name ID section make sure the Name ID Format is set to EMAIL and the Name ID is set to Basic information > Primary email.

Click Continue.

Attribute mapping

Using the Add Mapping button, add two attributes:

Google Directory attribute App (Trelica) attribute
First name given_name
Last name family_name

Click Finish.

Test the connection

Your new application will appear in Google Workspace. Click through on the Trelica application in the table.

Use the User access section to enable the Trelica SSO link and assign it to users.

Click Test SAML login to test that the connection is working.

If any settings are wrong then you can come back at any point and modify them here.

We recommend assigning Trelica to a test user account.

Log in as your test user, and now go to the Google Workspace dashboard and you should see the Trelica application:

Click the Trelica icon. After a short pause, you should be automatically logged in to Trelica.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.