Skip to content
  • There are no suggestions because the search field is empty.

How do I set up Single Sign-On with Google Workspace?

For more information and configuration regarding Single Sign-On (SSO) in your Security Center, read this article:

How do I set up Single Sign-On?

Create a Single Sign-On application in Google Workspace

  1. Go to the Google Admin Portal and navigate to Apps.
  2. Web and mobile apps.
  3. Click Add app.
  4. Provide a name and click Add.

Configure Single Sign-On in your Security Center

Here, you will need both the Google Admin Portal settings for SAML Certificates and your Security Center Single Sign-On settings.

  1. Navigate to the newly created Google application and click on Single Sign-On in the left panel.
  2. Log in to your Security Center > Settings Single Sign-On.
  3. Uncheck the Encrypt Assertion element box.

  4. Scroll down to the section IDP SAML Configuration and choose Manual.
    1. Copy the SSO URL from your SSO APP and paste it into the IDP login URL field.
    2. Copy the Entity ID from your SSO APP and paste it into the IDP entity ID/metadata URL field.
    3. Copy the value from Certificate 1 from your SSO APP and paste it into the IDP Certificate field.

Configure Single Sign-On in the Google Admin Portal

From your Security Center, copy the Single Sign-On data from within your account. You can find out what fields to use here: 

How do I set up Single Sign-On?

Enter the copied data in the Service Provider details section of the Google Admin Portal.


    1. Copy the Login callback URL and paste it into the ACS URL in the SSO APP.
    2. Copy the Metadata URL and paste it into the Entity ID in the SSO APP.
    3. Copy the Customer login URL and paste it into the Start URL in the SSO APP.
    4. Mark the Signed response in the SSO APP.

Configure the Users Name ID

In the Google Admin Portal section named Service Provider details, configure the Name ID to the following:

    1. Home ID format: choose EMAIL.
    2. Name ID choose Basic information > Primary email.
    3. Click SAVE.

To test Single Sign-On

  1. Copy the Start login from the SSO APP or the Customer Login URL from your Security Center and paste it into a new incognito window in your web browser.
  2. Fill in the login information.