To set up Insightful Single Sign-On [SSO] using Google, one needs to follow a structured set of configuration steps that will allow users to authenticate using their Google accounts.
Step 1: Enable SSO in Insightful
Log in to your Insightful account as an administrator.
In the left-hand navigation menu navigate to the Settings.
In the Settings list select the Security and Identity card.
4. On the Security and Identity page, select the Configure SAML
Step 2: Configure Google as the SSO Provider
Open the Google Admin Console in the new browser tab/window.
Select your project or create a new project if needed.
In the left-hand navigation menu, go to Apps and then Web and mobile apps.
4. Click on the Add app label and select Add custom SAML app
5. On the opened screen fill in the custom app (Insightful) details and select Continue.
6. On the following screen, Google Identity Provider details are shown:
Step 3: Configure Insightful with Google SSO details
Return to the browser tab/window where your Insightful app is open to start filling in the SAML Configuration
Fill in all the fields below to configure SAML:
Name - Enter a name to identify the Identity provider (e.g. Google)
Issuer ID - Copy/Paste the generated Entity ID from the Google Admin Console
Login URL - Copy/Paste the generated SSO URL from the Google Admin Console
Identity Provider Certificate - Download/Import or copy/paste the generated Certificate from the Google Admin Console
3. Once all fields are filled in click on the Next step button
4. On the following screen click on the Next step button again
5. Verify that SAML integration step has been reached. Here we need to switch and continue the configuration on Google's end.
Step 4: Configure service provider details
Return to the browser tab/window where your Google Admin panel is open to start filling in service provider details
Fill in all the fields below to configure SAML:
ACS URL - Enter https://app.insightful.io/api/v1/sso-public/saml/assertion (Please note that you should replace the app with your environment if you are not using the default environment - e.g. https://eu.insightful.io/api/v1/sso-public/saml/assertion)
Entity ID - Enter https://app.insightful.io (Please note that you should replace the app with your environment if you are not using the default environment - e.g. https://eu.insightful.io)
Start URL - Leave the field blank
Signed response - Select the checkbox
Name ID format - Select UNSPECIFIED
Name ID - Select Basic information → Primary email
3. Once the form is filled in, select the Continue button
Step 5: Configure attribute mappings
Click on the Add mapping button
2. Add the following mappings:
3. Click on the Finish button.
If everything is configured well, you’ll be redirected to the custom SAML app overview screen.
Step 6: Configure user access
On the Google Admin panel - SAML app overview screen, click on the arrow located at the top-right side of the User access tab to expand the settings.
2. On the Service access screen allow access for entities that should have access to Insightful
3. Once the access is configured make sure to save the changes
Step 7: Verify SAML Integration
Return to the browser tab/window where your Insightful app is open and click on the Verify SAML button to verify the SAML integration
2. On the following screen select your Google account
3. When prompted to link accounts click on the Yes, Link Account button
4. On the following screen enter the 6 digit code that is sent via email and click on the Verify button.
5. Your SAML SSO is configured & Verified