This help document introduces you to SSO and IdPs and how to configure SAML SSO for Rocketlane using Google IdP.
What is SSO?
Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
What are Identity Providers (IdPs)?
An identity provider (IdP) is a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users. Some examples of IdPs are Okta, Google Workspace and azure AD.
Creating a SAML SSO App Integration using Google
- Go to admin.google.com and login through your Google admin id. You will be redirected to the Google Admin Console.
- From the Google Admin Console go to Menu > Apps > Web and Mobile apps.
- Click Add app > Add custom SAML app.
- Under 'App details' add App name, Description and App icon. Click Continue.
- The 'Google Identity Provider details' page displays the SSO URL, Entity ID and Certificate.
Authenticating Google Identity Provider details with Rocketlane
- From your Rocketlane account, go to Settings > Security.
- Click on the 'Setup SAML SSO' button.
- The 'Setup SAML SSO' dialog box opens at the 'Configure SAML Single Sign On' page.
You have to add details from your IDP to this dialog box.
- Copy values from the 'Google Identity Provider details' page to your 'SAML SSO setup' dialog box in Rocketlane according to this table:
Google Identity Provider details page Rocketlane App: Configure SAML Single Sign On SSO URL IDP Login URL Entity ID IDP Entity ID Certificate X.509 Certificate
Note: After copying and pasting the certificate, please delete the header and footer.
Authenticating Service Provider details with Google
- Click Next from the 'Setup SAML SSO' dialog box in Rocketlane.
- This will take you to the 'SAML Configuration for your IDP' page.
The Service Provider details mentioned here will help to authenticate with the IDP.
- Click Continue on 'Google Identity Provider Details' page.
- The 'Service Provider details' page opens.
This page allows you to add the Service provider details to authenticate the SAML app.
- Copy the Service Provider details from Rocketlane to Google's 'Service Provider details' page.
Rocketlane: SAML Configuration for your IDP Google: Service Provider Details page Rocketlane's (SP) Entity ID Entity ID Rocketlane's (SP) Login URL ACS URL
SAML Attribute mapping
- Click Continue from the 'Service Provider details' page from the Google Admin console.
- This will take you to the 'Attribute mapping' page. Click 'Add mapping' under the Attributes section to add a new mapping.
- Select the following values to add mapping:
Google Directory Attributes App Attributes Primary email email Primary email username - Click Finish.
- You will be redirected to the SAML app that you created using the Google Admin Console.
Adding Users to your SAML App in Google
- Under the 'User Access' section , click on 'View Details'.
- By default it opens at 'All users in this account' page. You can select 'ON for everyone' option in case you want everyone to have access to your SAML app.
- Or go to Groups and search for a user group and select it.
- Select the 'Service Status' checkbox which says 'ON' and click Save.
Logging in to Rocketlane using SAML SSO
- Go to your Rocketlane login.
- Choose the 'Sign in with SSO' option.
- Enter your credentials in the Google page. You will be redirected to Rocketlane.
Hey! Here's hoping that this support document was useful. You can write to us at care@rocketlane.com in case of any queries.