Skip to main content
All CollectionsSecurity & Data PrivacySingle Sign-On [SSO]
Set up Insightful SAML SSO using Google
Set up Insightful SAML SSO using Google

Learn how set up Insightful Security Assertion Markup Language (SAML) Single Sign-On (SSO) using Google

Petar Jelaca avatar
Written by Petar Jelaca
Updated over 3 weeks ago

To set up Insightful Security Assertion Markup Language (SAML) Single Sign-On (SSO) using Google, one needs to follow a structured set of configuration steps that will allow users to authenticate using their Google accounts.

Step 1: Enable SAML SSO in Insightful

  1. Log in to your Insightful account as an administrator.

  2. In the left-hand navigation menu navigate to the Settings.

  3. In the Settings list select the Security and Identity card.

4. On the Security and Identity page, select the Configure SAML

Step 2: Configure Google as the SAML SSO Provider

  1. Open the Google Admin Console in the new browser tab/window.

  2. Select your project or create a new project if needed.

  3. In the left-hand navigation menu, go to Apps and then Web and mobile apps.

4. Click on the Add app label and select Add custom SAML app

5. On the opened screen fill in the custom app (Insightful) details and select Continue.

6. On the following screen, Google Identity Provider details are shown:

Step 3: Configure Insightful with Google SAML SSO details

  1. Return to the browser tab/window where your Insightful app is open to start filling in the SAML SSO Configuration

  2. Fill in all the fields below to configure SAML SSO:

    1. Name - Enter a name to identify the Identity provider (e.g. Google)

    2. Issuer ID - Copy/Paste the generated Entity ID from the Google Admin Console

    3. Login URL - Copy/Paste the generated SAML SSO URL from the Google Admin Console

    4. Identity Provider Certificate - Download/Import or copy/paste the generated Certificate from the Google Admin Console

3. Once all fields are filled in click on the Next step button

4. On the following screen click on the Next step button again

5. Verify that SAML integration step has been reached. Here we need to switch and continue the configuration on Google's end.

Step 4: Configure service provider details

  1. Return to the browser tab/window where your Google Admin panel is open to start filling in service provider details

  2. Fill in all the fields below to configure SAML SSO:

    1. ACS URL - Enter https://app.insightful.io/api/v1/sso-public/saml/assertion (Please note that you should replace the app with your environment if you are not using the default environment - e.g. https://eu.insightful.io/api/v1/sso-public/saml/assertion)

    2. Entity ID - Enter https://app.insightful.io (Please note that you should replace the app with your environment if you are not using the default environment - e.g. https://eu.insightful.io)

    3. Start URL - Leave the field blank

    4. Signed response - Select the checkbox

    5. Name ID format - Select UNSPECIFIED

    6. Name ID - Select Basic information → Primary email

3. Once the form is filled in, select the Continue button

Step 5: Configure attribute mappings

  1. Click on the Add mapping button

2. Add the following mappings:

3. Click on the Finish button.

If everything is configured well, you’ll be redirected to the custom SAML SSO app overview screen.

Step 6: Configure user access

  1. On the Google Admin panel - SAML app overview screen, click on the arrow located at the top-right side of the User access tab to expand the settings.

2. On the Service access screen allow access for entities that should have access to Insightful

3. Once the access is configured make sure to save the changes

Step 7: Verify SAML SSO Integration

  1. Return to the browser tab/window where your Insightful app is open and click on the Verify SAML button to verify the SAML SSO integration

2. On the following screen select your Google account

3. When prompted to link accounts click on the Yes, Link Account button

4. On the following screen enter the 6 digit code that is sent via email and click on the Verify button.

5. Your SAML SSO is configured & Verified

Did this answer your question?