Setting Up Google SSO

This document outlines the steps required to set up Google SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience.

Setup Instructions

Step 1: Access Google Admin Console

  • Log in to your Google Workspace as an Administrator.

  • From the left sidebar, navigate to:

    Apps → Web and mobile apps

Step 2: Add a New Custom SAML App

  • Click Add AppAdd custom SAML app.

Step 3: Configure App Details

  • Name the app: StepSecurity

  • (Optional) Add a description and upload the StepSecurity logo: StepSecurity Logo

Step 4: Download Google SAML Metadata

  • Download the metadata file provided during this step.

  • Securely share the metadata file with StepSecurity.

Step 5: Enter Service Provider Details

On the "Service Provider Details" page:

  • ACS URL: https://login.app.stepsecurity.io/saml2/idpresponse

  • Entity ID: urn:amazon:cognito:sp:us-west-2_PGbAJDNzx

  • [Optional] For Idp Initiated login, we can enter Start URL as following:

RelayState=identity_provider%3D{{IDP_NAME_IN_COGNITO}}%26client_id%3Dq1v7a8skmmdmr9a3kv29013g5%26redirect_uri%3Dhttps%253A%252F%252F{{DOMAIN}}.stepsecurity.io%252Fauth%252Fcognito%252Fcallback%26response_type%3Dcode%26scope%3Demail%2Bopenid%2Bphone%2Bprofile

Step 6: Map Identity Attributes

  • In the "Attribute Mapping" section:

    • Map Primary Emailemail.

  • After completing the mapping, click Finish to complete app creation.

Step 7: Enable the SAML App

  • In the created SAML app page:

    • First set the app to OFF for everyone.

    • Then switch it ON for everyone.

    • Click Save to apply changes.

Step 8: Verification and Finalization

  • StepSecurity will notify you once SSO is successfully set up.

  • After setup:

    • Users can log in by entering their email under the "Sign in with your corporate ID" section on the StepSecurity login page.

Step 9 (Optional): Access StepSecurity console directly from Google App:

  • Contact us to get your Start URL.

  • In Google Admin:

    • Go to Apps → Web and mobile apps → StepSecurity app → Service provider details,

      then enter the URL under Start URL.

Last updated

Was this helpful?