Enable SSO with Google Workspace

This guide walks you through configuring Google Workspace as your SAML2 identity provider for single sign-on (SSO) authentication.

Step 1: Create SAML Application in Google Workspace

1. Log into your Google Admin Console
2. Navigate to Apps > Web and mobile apps
3. Click Add App > Add custom SAML app
4. App name: Enter "OakHost" as the application name
5. (Optional) Upload the OakHost logo
6. Click Continue

Step 2: Configure OakHost SAML Settings

1. Sign in to the OakHost Customer Panel and navigate to User Management > Manage SSO.
2. Copy the following values from the Google Identity Provider details page and paste them into the OakHost Customer Panel:
   • SSO URL: Corresponds to IDP Login URL
   • Entity ID: Corresponds to IDP Entity ID
   • Certificate: Copy the text starting with -----BEGIN CERTIFICATE----- and paste it into the IDP X.509 Certificate field
   • IDP Logout URL: Use https://www.oakhost.net as the logout URL

3. Click Create Configuration in the OakHost Customer Panel.
4. Click Continue on the Google Admin page to proceed to the next step.

Step 3: Configure Google SAML Settings

1. On the Service Provider details page, copy the values provided in the OakHost Customer Panel for ACS URL, Entity ID and Name ID format:

5. Click Continue.
6. On the Attribute Mapping page, no attributes are required. Click Finish to complete the setup.

Step 4: Test Integration

The SSO configuration is now complete. You can test the integration by logging out of the OakHost Customer Panel. On the login screen, enter your email address and click Sign in via SSO. You will be redirected to Google for authentication.