Setting up SAML authentication in Google G Suite

This section explains how to register learningBOX as a SAML application for Google G Suite.

Setup Flow

1. Log in to the G Suite management console and select the "Apps" section.


SAML Authentication Settings in Google G Suite1

2. Select "SAML Application" and click the "+" icon in the lower right corner.



3. Click the "+" icon to display the SAML application setup wizard.
 Select "Custom App Setup" at the bottom of the screen.


4. Settings on the learningBOX side that is SP


Google's IdP information is displayed, and this is entered into the SAML detailed settings screen on the learningBOX side.
In the Site Customizer, select "Basic Settings" > "Integrate with External Systems" > "Use SAML" and turn "Use SAML" On.
Change "SSO URL" to "HTTP-POST URL".
Enter the "Entity ID" in the "Issue URL (IdP Entity ID)" field and click
Paste the downloaded certificate into "X509Certificate".
Click on "Save" when finished.


5.Setup on G Suite side as Idp

First, enter basic information about the SAML application.
Press "Next" to proceed to the basic information entry screen.

Please set "learningBOX" for the application name and an image such as learningBOX for the logo image.


Then, enter various information about the learningBOX.

On the learningBOX side, select "Basic Settings" > "Integrate with external systems" > "Use SAML" in the site customizer, and then click
Open the "SP (learningBOX) setting information" tab to display learningBOX information.
ACS URL" to "ACS URL for learningBOX", "ACS URL for learningBOX" to "ACS URL", and "ACS URL for learningBOX" to
Entity ID" is set to "entity ID", "learningBOX entity ID", and "learningBOX entity ID".
Enter the "learningBOX Login URL" in the "Start URL" field.
Tick the Signed Response, select "Basic Information - Main Email Address" for Name ID, and select "UNSPECIDIED" for the Name ID format.


6. Attribute Mapping
Since learningBOX links accounts based on the user's email address and domain information, no special configuration is required.
Click "Done."


SAML Authentication Settings in Google G Suite9

You will now be redirected to the G Suite login screen and SAML authentication will be activated.
At this point, however, only the owner administrator can use learningBOX's SAML authentication.
To enable SAML authentication for other users, click on "Edit Service" from the SAML app settings and change the status of the service to the desired target.



After the change, you can log in from the dedicated learningBOX page.
Single sign-on is also possible from the G Suite application screen.


If you have enabled SAML authentication in G Suite


If you have enabled SAML authentication in G Suite, please turn off the Google Account Authentication toggle and turn only the SAML toggle On.

 

How can we help you?