Setting Up Google SSO
This document outlines the steps required to set up Google SSO with StepSecurity.
StepSecurity uses AWS Cognito as the service provider for the SSO experience.
Setup Instructions
Step 1: Access Google Admin Console
Log in to your Google Workspace as an Administrator.
From the left sidebar, navigate to:
Apps → Web and mobile apps

Step 2: Add a New Custom SAML App
Click Add App ➔ Add custom SAML app.

Step 3: Configure App Details
Name the app:
StepSecurity
(Optional) Add a description and upload the StepSecurity logo: StepSecurity Logo

Step 4: Download Google SAML Metadata
Download the metadata file provided during this step.
Securely share the metadata file with StepSecurity.

Step 5: Enter Service Provider Details
On the "Service Provider Details" page:
ACS URL:
https://login.app.stepsecurity.io/saml2/idpresponse
Entity ID:
urn:amazon:cognito:sp:us-west-2_PGbAJDNzx
[Optional] For Idp Initiated login, we can enter Start URL as following:
RelayState=identity_provider%3D
{{IDP_NAME_IN_COGNITO}}
%26client_id%3Dq1v7a8skmmdmr9a3kv29013g5%26redirect_uri%3Dhttps%253A%252F%252F
{{DOMAIN}}
.stepsecurity.io%252Fauth%252Fcognito%252Fcallback%26response_type%3Dcode%26scope%3Demail%2Bopenid%2Bphone%2Bprofile

Step 6: Map Identity Attributes
In the "Attribute Mapping" section:
Map Primary Email ➔ email.
After completing the mapping, click Finish to complete app creation.

Step 7: Enable the SAML App
In the created SAML app page:
First set the app to OFF for everyone.
Then switch it ON for everyone.
Click Save to apply changes.
Step 8: Verification and Finalization
StepSecurity will notify you once SSO is successfully set up.
After setup:
Users can log in by entering their email under the "Sign in with your corporate ID" section on the StepSecurity login page.

Step 9 (Optional): Access StepSecurity console directly from Google App:
Contact us to get your Start URL.
In Google Admin:
Go to Apps → Web and mobile apps → StepSecurity app → Service provider details,
then enter the URL under Start URL.

Last updated
Was this helpful?