Setting Up Google SSO

This document outlines the steps required to set up Google SSO with StepSecurity.

StepSecurity uses AWS Cognito as the service provider for the SSO experience.

Setup Instructions

Step 1: Access Google Admin Console

• Log in to your Google Workspace as an Administrator.

• From the left sidebar, navigate to:

  Apps → Web and mobile apps

Step 2: Add a New Custom SAML App

• Click Add App ➔ Add custom SAML app.

Step 3: Configure App Details

• Name the app: StepSecurity

Step 4: Download Google SAML Metadata

• Download the metadata file provided during this step.

• Securely share the metadata file with StepSecurity.

Step 5: Enter Service Provider Details

On the "Service Provider Details" page:

• ACS URL: https://login.app.stepsecurity.io/saml2/idpresponse

• Entity ID: urn:amazon:cognito:sp:us-west-2_PGbAJDNzx

Leave other fields as default and continue.

Step 6: Map Identity Attributes

• In the "Attribute Mapping" section:

  • Map Primary Email ➔ email.

• After completing the mapping, click Finish to complete app creation.

Step 7: Enable the SAML App

• In the created SAML app page:

  • First set the app to OFF for everyone.

  • Then switch it ON for everyone.

  • Click Save to apply changes.

Step 8: Verification and Finalization

• StepSecurity will notify you once SSO is successfully set up.

• After setup:

  • Users can log in by entering their email under the "Sign in with your corporate ID" section on the StepSecurity login page.