StepSecurity
ResourcesCompanyPricingInstall StepSecurity AppLogin
  • Introduction
  • Getting Started
    • Quickstart (Community Tier)
      • Getting Started with Secure Workflow
      • Getting Started with Secure Repo
      • Getting Started with Harden Runner
    • Quickstart (Enterprise Tier)
  • Overview
  • Harden-Runner
    • Workflow Runs
    • All Destinations
    • Detections
    • GitHub Checks
    • Suppression Rules
    • Policy Store
    • Self-Hosted Runners
    • Runbooks
      • Anomalous Outbound Network Calls
      • How to Determine Minimum Token Permissions
  • Orchestrate Security
    • Secure Workflow
    • Secure Repo
    • Policy-based PRs
    • Pull Requests
  • Run Policies
    • Policies
    • Policy Evaluations
  • Artifact Monitor
  • Actions Secret
  • Actions
    • GitHub Actions In Use
    • Reusable Workflows
    • GitHub Actions Score
    • StepSecurity Maintained Actions
  • Settings
    • Notifications
    • Self-Hosted Runners
    • API Key
    • GitHub Checks
    • Control Evaluation
  • Admin Console
    • Resources
    • S3 Integration
    • Members
    • Security & Auth
      • Setting Up Google SSO
      • Setting Up Okta SSO
      • Setting Up Microsoft Entra (Azure AD)
    • Audit Logs
  • Partnerships
    • RunsOn
  • Who's Using Harden-Runner?
  • Enterprise Readiness
  • Guides
    • How to enable network and runtime monitoring (Harden-Runner) for runners
    • How to restrict network connections to explicitly allowed endpoints
    • How do I authenticate with the StepSecurity app
    • How should I improve the security of third-party actions in my organization
    • How should I reduce the number of Harden-Runner anomalous endpoint alerts
    • How can developers see and fix StepSecurity findings without security’s help?
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Admin Console
  2. Security & Auth

Setting Up Google SSO

PreviousSecurity & AuthNextSetting Up Okta SSO

Last updated 26 days ago

Was this helpful?

This document outlines the steps required to set up Google SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience.

Note: StepSecurity-based SSO only allows login initiated by the Service Provider (SP-initiated login).

Setup Instructions

Step 1: Access Google Admin Console

  • Log in to your Google Workspace as an Administrator.

  • From the left sidebar, navigate to:

    Apps → Web and mobile apps

Step 2: Add a New Custom SAML App

  • Click Add App âž” Add custom SAML app.

Step 3: Configure App Details

  • Name the app: StepSecurity

Step 4: Download Google SAML Metadata

  • Download the metadata file provided during this step.

  • Securely share the metadata file with StepSecurity.

Step 5: Enter Service Provider Details

On the "Service Provider Details" page:

  • ACS URL: https://login.app.stepsecurity.io/saml2/idpresponse

  • Entity ID: urn:amazon:cognito:sp:us-west-2_PGbAJDNzx

Leave other fields as default and continue.

Step 6: Map Identity Attributes

  • In the "Attribute Mapping" section:

    • Map Primary Email âž” email.

  • After completing the mapping, click Finish to complete app creation.

Step 7: Enable the SAML App

  • In the created SAML app page:

    • First set the app to OFF for everyone.

    • Then switch it ON for everyone.

    • Click Save to apply changes.

Step 8: Verification and Finalization

  • StepSecurity will notify you once SSO is successfully set up.

  • After setup:

    • Users can log in by entering their email under the "Sign in with your corporate ID" section on the StepSecurity login page.

(Optional) Add a description and upload the StepSecurity logo:

StepSecurity Logo