search
Get Started

Google SAML SSO

hashtag
Introduction

Google SAML provides secure identity management and single sign-on to applications that you can add to your Google Workspace account. From Google Workspace, you and your users can log in and then access applications such as Paradime without having to log in to each application.

Organizations can use Google SAML 2.0 to connect Paradime to their Google Workspace instance. This page describes how to configure the Google SAML connection for Paradime.

hashtag
Creating a Google SAML Application

  1. To connect your Google Workspace as an identity provider, you must create a SAML application. In your Google Admin Console, navigate to the Apps section. Go to Apps > Web and mobile apps, and select Add App > Add custom SAML app.

    Apps Home

  2. Enter your App integration name as Paradime. Add the Paradime Logo for the Application. You can download the Paradime logo here Paradime Logoarrow-up-right.

    App Details

    Select Continue.

  3. In the Google Identity Provider details page, note the following information:

    • SSO URL

    • Entity ID

    • Certificate (download this file)

    You will need to share these details with Paradime Support. Select Continue.

    IdP Details

  4. In the Service Provider Details section, enter the following details:

    • ACS URL: Enter the URL below based on the region where your Paradime account is hosted

      Region
      ACS URL

      EU 🇪🇺

      https://account.paradime.io/login/saml/callback

      US 🇺🇸

      https://account.us.paradime.io/login/saml/callback

    • Entity ID: urn:account:paradime-io:samlp-<organization-name> (Get the <organization-name> from Paradime Support)

    • Name ID format: Select EMAIL

    Select Continue.

  5. In the Attribute Mapping section, configure the required attribute mappings. Select Finish.

Google Directory Attributes
App Attributes

First name

given_name

Last name

family_name

Primary email

email

Attribute Mapping

  1. After creating the application, enable it for users in your organization. Click on User Access and update the Service Status to ON for all users or relevant groups within your organization.

    User Access
triangle-exclamation

Make sure you add the user groups who need access to Paradime in the User Access section and verify the Service Status is set to ON.

hashtag
Configuring Paradime to enable Google SAML SSO

Once the Google SAML Application is configured, reach out to the Paradime team at [email protected]envelope and share the following information via a password manager like 1Password, Dashlane and similar:

  • Entity ID (from step 4 in the previous section)

  • IdP metadata: (In your Google Application, in the left panel click on "Download Metadata" and from option 1: download the metadata xml file.

  • Certificate file (In your Google Application, in the left panel click on "Download Metadata" and from option 2: download the certificate file.

Paradime team will then create the SSO client and enable SSO on your company name. Wait for approximately 30 minutes for Google to apply the changes.

Once confirmed, during login, users in your company will see a Continue with Google SAML option.

circle-check

If you already have an existing Social login setup, then using the Google SAML option, Paradime will automatically link your accounts and you can then use Google SAML SSO for all future logins.

PreviousMicrosoft Entra ID (formerly Azure AD)NextJumpCloud SSO

Last updated

Was this helpful?