Setting Up Google SSO

This document outlines the steps required to set up Google SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience.

Setup Instructions

Step 1: Access Google Admin Console

Log in to your Google Workspace as an Administrator.
From the left sidebar, navigate to:
Apps → Web and mobile apps

Step 2: Add a New Custom SAML App

Click Add App ➔ Add custom SAML app.

Step 3: Configure App Details

Name the app: StepSecurity
(Optional) Add a description and upload the StepSecurity logo: StepSecurity Logo

Step 4: Download Google SAML Metadata

Download the metadata file provided during this step.
Securely share the metadata file with StepSecurity.

Step 5: Enter Service Provider Details

On the StepSecurity App navigate to Admin Console → Security & Auth → Configure SSO → Google Workspace

Copy the values displayed there and provide them in the corresponding fields in "Service Provider Details" page

Step 6: Map Identity Attributes

In the "Attribute Mapping" section:
- Map Primary Email ➔ email.
Under Group membership add your user groups that will be assigned to this app and map it to 'Groups' attribute. This enables StepSecurity’s SCIM-like functionality — for example, you can use Google Workspace groups and map them to roles in the StepSecurity dashboard.

You should only pass specific groups to the StepSecurity platform. If the app passes all group memberships, it may exceed the maximum request body size.

After completing the mapping, click Finish to complete app creation.Is

Step 7: Enable the SAML App

In the created SAML app page:
- First set the app to OFF for everyone.
Then switch it ON for everyone.
Click Save to apply changes.

Step 8: Verification and Finalization

On the StepSecurity App share the Email Domains and Metadata file and submit the configuration

On the StepSecurity Security & Auth page you can test the integration

After setup:
- Users can log in by entering their email under the "Sign in with your corporate ID" section on the StepSecurity login page.

Step 9 (Optional): Access StepSecurity console directly from Google App:

To get your RelayState value go to the StepSecurity App and navigate to Admin Console → Security & Auth → Configure SSO → Microsoft Entra ID → Step 4

In Google Admin:
- Go to Apps → Web and mobile apps → StepSecurity app → Service provider details,
  then enter the URL under Start URL.

PreviousSetting up Auth0 SSO NextSetting Up Okta SSO

Last updated 2 months ago

Was this helpful?

hashtagSetup Instructions

hashtagStep 1: Access Google Admin Console

hashtagStep 2: Add a New Custom SAML App

hashtagStep 3: Configure App Details

hashtagStep 4: Download Google SAML Metadata

hashtagStep 5: Enter Service Provider Details

hashtagStep 6: Map Identity Attributes

hashtagStep 7: Enable the SAML App

hashtagStep 8: Verification and Finalization

hashtagStep 9 (Optional): Access StepSecurity console directly from Google App:

Setup Instructions

Step 1: Access Google Admin Console

Step 2: Add a New Custom SAML App

Step 3: Configure App Details

Step 4: Download Google SAML Metadata

Step 5: Enter Service Provider Details

Step 6: Map Identity Attributes

Step 7: Enable the SAML App

Step 8: Verification and Finalization

Step 9 (Optional): Access StepSecurity console directly from Google App: