New article
Recently updated
Setting up Google SAML/SSO
Who is this article for?IT Personnel who want to learn to configure SSO for Google users.
Super Admin permissions are required.
This guide is intended to help configure single sign on/SAML 2.0 for Lucidity Software to be able to authenticate against your Google users.
1. Setting up Google SSO
- Log in to Google Admin Console with an account that has Super Admin privileges.
- Navigate to Apps then Web and mobile apps in the left-hand-side menu.
- Click Add App then Add custom SAML app in the center of the "Web and mobile apps" screen.
- In the Add custom SAML app modal:
- Enter an appropriate "App name" (e.g., "Lucidity").
- Optionally select a new icon.
- Click Continue.
- On the next screen:
- Download metadata from Option 1.
- Send this file to your Lucidity Customer Representative.
- Click Continue.
Note: You can also retrieve this data after app setup
- In the "Service provider details" screen, enter the following:
Note: Leave the Name ID format and Name ID values as default and replace {clientName} with your Lucidity instance's subdomain and {domain} with your Lucidity domain (luciditysoftware.com.au or lucidity.io).
- Click Continue.
- In the "Attribute mapping" screen:
- Click Add mapping.
- Set Google Directory attributes to: Basic Information > Primary email
- Set App attributes to: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
- Select category: Basic Information
- Select user field: Primary Email
Note: The value should match the username naming conventions in Lucidity. For email-based usernames, only the first part is required (e.g., bob.smith@somewhere.com becomes bob.smith for authentication).
- Click Finish.
- Enable the App:
- Return to the main SAML app index.
- Select the newly created app.
- Click User access.
-
- Choose either ON for everyone or select required group(s) from the left-hand-side.
- Click Save.
Tip: If you haven't already, send the metadata.xml file to your Lucidity Customer Representative.