Skip to main content
Google Workspace

Set up SSO with Google Workspace

Updated over a week ago

Requirements

  • Your organization uses Google Workspace for authentication.

  • You have an Admin role.

Just-in-Time(JIT) Provision

With SAML integration, once a user is created on your end (optionally included in a group that has access to Kubit), that user can log in to Kubit immediately. The user profile information will also be automatically updated at every login time.

When a user is deleted/deactivated on your end, they will lose access to Kubit immediately too. There is no offline communication required.
​

Configure SAML app

  1. Login into the Google Workspace admin console and navigate to the Web and mobile apps screen under the Apps tab.

  2. Click on the Add app menu and select Add custom SAML app.

  3. On the App details screen name user Kubit as the App name. Download the Kubit logo from the provided Logo URL and upload it as an App icon.

  4. On the step screen(Google Identity Provider details) copy DOWNLOAD METADATA button. Share the metadata file with Kubit Team.

  5. On the next step(Service provider details) use the provided ACS URL and Entity ID from Kubit.

  6. On the next step(Attributes) map attributes as follows:

πŸ“˜ Roles and Permissions

You can manage permissions on the Kubit platform using your IdP groups by mapping the groups attribute. This step is mandatory for utilizing groups for permission management within the Kubit platform.

Google Directory Attributes
​

App attributes

Primary email

email

First name

given_name

Last name

family_name

First name

name

Test

Once configured properly on both sides, please work with the Kubit Team to test the integration. You will be provided a test URL.
​

Open Access

You may choose to turn on Kubit App to everyone, or a specific group

IdP-Initiated Login

Due to security concerns, Kubit doesn't support IdP-Initiated SSO. The user has to go to the Kubit website first to initiate the login (SP-Initiated).
​

Clicking on the Kubit App logo on Google Workspace Dashboard would fail. We don't know a way to hide that logo.

References

Did this answer your question?