Configuring G Suite as the Identity Provider

Role Required: SDAdmin

1. Log in to Google Workspace.
   
2. Go to Apps > Web and mobile apps.
   
3. Click Add app > Add custom SAML app.
   

1. Provide the App name and Description.
   
2. Upload the App icon and click Continue.
   

1. On the displayed page, download the certificate under Option 2.
   

1. In AssetExplorer, go to Admin > Organizational Settings > SAML Single Sign On.
   
2. Under Configure Identity Provider Details, provide the SSO URL of Google Workplace as Login URL.
   
3. Set Algorithm as RSA_SHA256.
   
4. Click Choose File to upload the certificate.
   

 

1. Go back to your Google Workspace account and click Continue on the Google Identity Provider details page.
   
2. In the Service provider details page, copy and paste the Assertion Consumer URL and Entity ID from the AssetExplorer SAML configuration page in the required fields.
   
3. Select the Name ID format as EMAIL and the Name ID as Basic Information > Primary email.
   

The Name ID format configured in Google Workspace should match that of AssetExplorer.  Make sure to select the Name ID Format as Email Address in the SAML configuration page in AssetExplorer. Learn more.

1. Click Continue.
   
2. On the Attribute mapping page, you have the option to add additional attributes to create a user profile in AssetExplorer.
   
3. Click Finish to complete the app configurations.
   

1. On the Google Workspace, click to view the newly created app configurations, and then click Edit details.
   
2. Under the User access section, set the service status as ON for everyone.
   

You have now configured AssetExplorer as a service provider in Google Workspace.

See also Configuring SAML in AssetExplorer

• Related Articles

• Configuring ADFS 3.0 as the Identity Provider

  Role Required: SDAdmin Before you start the configuration process, make sure that the AssetExplorer application is running in the HTTPS mode. Then, configure AssetExplorer as a Relying Party Trust (RPT). This can be done either manually or using the ...

• Configuring OneLogin as Identity Provider

  Role Required: SDAdmin Log in your OneLogin domain and click Applications under the Applications tab. In the displayed page, click Add App. Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results. Provide ...

• Configuring Okta as the Identity Provider

  Role Required: SDAdmin Log in to your Okta domain. Go to the Applications > Add Application. Click Create New App. From the displayed dialog box, choose SAML 2.0 as the sign-on method. Click Create. In the next window, provide a Name for your ...

• Configuring SAML in AssetExplorer

  Role Required: SDAdmin Go to Admin > Organizational Details > SAML Single Sign-On. In the configurations tab, you will find two sections: Service Provider Details and Configure Identity Provider Details. Service Provider Details Under the Service ...

• Configure Azure as the Identity Provider

  Role Required: SDAdmin Follow the steps below to configure AssetExplorer as a service provider in Azure. Before configuring, ensure that the AssetExplorer runs in HTTPS mode. Log in to your Azure domain. Under Azure Services, click Enterprise ...