ACCESS > How to configure Google Suite for SAML and SSO

Note - in this article - there's some steps that can only be done by Tallyfy Support on our back-end. They're included here for full transparency.

General

In order to integrate Google Suite Suite SAML/SSO with your Tallyfy organization, you will need to:

  • Set up and configure a Google Suite app with SAML support.
  • Use the Google Suite app's settings to configure SAML on Tallyfy.
  • Enable SAML for your organization on Tallyfy, to start SSO authorization and user provisioning.

Set up your own custom Google Suite SAML application for your Tallyfy organization

Preparing the new application

  • Sign in using an account with super-administrator privileges.

  • In your Admin console Home page, go to Apps > Web and mobile apps.

  • Choose Add App, then click Add custom SAML app.

Configure SAML settings

On the App Details page:

  • Choose a name for your app, and upload your logo, then click Continue.

On the Google Identity Provider details page, get the setup information needed by Tallyfy:

  • Copy the SSO URL and Entity ID and download the Certificate, click Continue.

image

  • In the Service Provider Details window, we will need to fill ACS URL, Entity ID for your custom app. These values are all provided by Tallyfy.

image

So, we will need to get the default SAML values from our organization in Tallyfy:

  1. Select our Organization's profile from the Support page.
  2. Scroll to Org Settings tab:

image

  1. Click on Add Configuration Details: Ignore the empty fields for now and scroll down to the existing default values.

image

  1. Now, we will fill the SAML settings in our G Suite app (the Service Provider Details window), using those values:

  • ACS URL: In this field, copy the value from SP ACS URL (Single Sign On URL). (number 1 in the screenshot above)

  • Entity ID: copy the value from SP Entity ID (Audience URI). (number 2 in the screenshot above)

  • Click Continue.

  • On the Attribute mapping page, click Add another mapping to map additional attributes. We will add three attributes just like the screenshot below:

  • Click Finish.

  • Now you will need to make your app available for your users, Go to User Access > Service status and Select ON for everyone:

image

Configure SAML on Tallyfy:

  • Since you have an application ready, First we will get the SAML data needed to configure SAML on Tallyfy.

  • Get the data you copied from the Google Identity Provider details page in your SAML app.

  • We will use the values in the above page as SAML configs to integrate this app to our Tallyfy organization.

  • Go back to our Tallyfy Support page where the SAML configs modal is still open, then we fill the values respectively, as shown in the screenshot below. This step is highly likely to be done by Tallyfy Support - so please provide the values to support (at) tallyfy (dot)

image

  • After successfully saving the configs, you will need to enable SAML in this organization.
  • Click on the toggle button next to Add Configuration Details:

image

Congratulations, now Single Sign-on and User Provisioning using Google Suite will be working for your organizations' users!

How to provision new members to Tallyfy using SSO

Go back to Tallyfy Support page and open the SAML configs modal, copy the Tallyfy login URL and share it with your users who have access to the G suite SAML app:

image

They can use this link to access Tallyfy, old users will just login, while new users will be added to your Tallyfy organization automatically.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles