Google SAML

Follow these steps to add Google as the SAML SSO provider for your workspace:

1. Open Buddy SSO settings in one browser tab and switch to SAML → Google.
2. In another tab, sign in to the Google Workspace admin panel as a user with administrative rights.
3. Go to Apps → Web and mobile apps:

Image loading...

4. Open the Add app dropdown menu and select Add custom SAML app:

Image loading...

5. Fill in app details: name, description, and icon (optional). Click Continue:

Image loading...

6. Save the data required for SSO configuration in Buddy for later use: SSO URL, Entity ID, and the certificate. Click Continue:

Image loading...

7. Fill in the form with the data copied from Buddy SSO configuration:

   • ACS URL → ACS / SP Assertion Consumer Service / Single Sign-On from Buddy
   • Entity ID → SP Entity ID / Audience URI from Buddy
   • Name ID format → set to UNSPECIFIED
   • Name ID → set to Basic information > Primary email
8. In the Attribute mapping step, don't add any mappings. Click Finish.
9. From the Apps menu, select the app you created, go to User access and assign permissions according to your needs:

Image loading...

10. Return to Buddy's SSO settings tab and provide the information you copied from the Google admin panel:

    • SSO URL / SAML Endpoint / Identity Provider Single Sign-On URL → SSO URL from Google
    • Issuer → Entity URL from Google
    • Certificate → upload the Google certificate you downloaded
    • Signature / Digest Method → leave at Most popular
11. Click Test configuration and enable SSO on success.
12. Sign in to your Google account to save the SSO configuration.