Skip to content

Log in to Google Workspace using Asgardeo

Legacy SSO Profile

Google has marked their old SSO profile as legacy and now supports a new profile. We recommend using the new profile for better compatibility. If you still need to set up the legacy profile, refer to Google's legacy guide and use our Standard-Based SAML template.

This page guides you through integrating Asgardeo for Single Sign-On (SSO) with Google.

Before you begin

You need to have a Google domain. Further, ensure you have a Google Workspace account and your account supports SSO by referring to the Google documentation.

Create the Google Workspace application

Follow the steps given below to register the Google Workspace application in Asgardeo.

  1. On the Asgardeo Console, go to Applications.

  2. Click New Application and under SSO Integrations, select Google Workspace.

    Select app type in the Asgardeo

  3. Provide the Entity ID and a Name for the application.

    Entity ID

    A unique URL dynamically generated for your Google SAML SSO profile. To find it, follow Google's guide on creating a SAML SSO profile. Once completed, copy the Entity ID from the SP Details section of the specific SAML SSO profile.

    Note: While setting up the SAML SSO profile in Google, simply provide a name first. The IdP details can be added later.

    Select google workspace app in the Asgardeo

  4. Click Create to complete the registration.

  5. Download Asgardeo's certificate from the Guide tab of the created application.

Configure Google

Follow the steps below to configure Google for SSO authentication with Asgardeo.

  1. Access your Google domain's admin console.

  2. Follow Google’s instructions to configure the SSO profile for your organization. Use the details below:

    • IDP entity ID: api.asgardeo.io/t/{organization_name}

    • Sign-in page URL: https://api.asgardeo.io/t/{organization_name}/samlsso

    • Sign-out page URL: https://api.asgardeo.io/t/{organization_name}/samlsso

    • Password URL: https://myaccount.asgardeo.io/t/{organization_name}/myaccount/security

  3. Upload Asgardeo's certificate you downloaded earlier.

    sso-fill-google.png

Try it out

Now that you have integrated Asgardeo with Google Workspace, follow the steps below to test it.

Note

Google restricts administrators from being redirected to external identity providers. Therefore, use a non-administrator account to try it out.

  1. Create a new account in Asgardeo for a user that already exists in Google Workspace under the same email address.

  2. Navigate to Google and enter the email address of the user you created. You will be navigated to Asgardeo's login page.

  3. Enter the username and password for the user to login. Once authenticated, you will be navigated to the relevant domain's G-Suite.

Note

If you only wish to access Gmail, navigate to mail.google.com, and repeat the process.