Create SAML application in Google Workspace
Use this procedure to configure Single Sign-On (SSO) between your DigiCert® account and Google Workspace using SAML 2.0.
You’ll need to complete setup in both DigiCert and Google Workspace, and switch between the two tabs to exchange URLs and metadata.
Once completed, users in your account will be able to sign in to DigiCert from their Google Workspace dashboard or via the DigiCert sign in page with their Google Workspace credentials.
Nota
For more information, refer to Google Workspace.
Before you begin
You'll need elevated privileges in DigiCert account and Google Workspace to configure SSO:
Account admin user group required in DigiCert account.
Application Administrator or equivalent role required in Google Workspace.
Step 1: Open DigiCert account
In the DigiCert® account menu, select the Accounts icon > Sign-in methods.
Select Single sign-on with SAML.
Leave this window open.
Step 2: Open Google Workspace
Sign in to the Google Admin console.
In the left-hand navigation menu, navigate to Apps > Web and mobile apps.
In the App name field, enter DigiCert account.
In the Description field, enter a custom description.
Example: DigiCert's single login experience
In the App icon field, upload the DigiCert icon.
Select Continue.
In the Download IdP metadata section, select Download metadata.
Select Continue.
Leave this window open.
Step 3: Back in DigiCert account
In the Connect your IdP to DigiCert section, select Upload IdP metadata.
In the Connect DigiCert to your IdP section, copy the SSO URL.
In the Enable/Disable SSO with SAML section, toggle to enable SSO.
Select Save configuration.
Step 4: Back in Google Workspace
Paste the SSO URL in both of these fields:
ACS URL
Entity ID
In the Name ID format field, select Email.
In the Name ID field, keep the default Basic information > Primary email.
Select Continue.
In the Attributes section, select Add mapping.
Below the Google Directory attributes field, select Primary email.
Below the App attributes field, type email.
Select Finish.
Go to Apps > Web and mobile apps.
Select the DigiCert app you just created.
In the User access section, select View details.
In the Organizational units section, select the group you want to assign.
In the Service status field, select the radio button next to On.
Select Save.
Sugerencia
Need help? Create a Organizational Unit in Google Workspace.
Go to Apps > Web and mobile apps.
Select the DigiCert app you just created.
On the DigiCert app overview, select TEST SAML LOGIN.
In the Can't test SAML login modal, select Allow access.
In the Service status field, select the radio button next to ON for everyone.
Select Save.
Return to the DigiCert app overview, select TEST SAML LOGIN.
Sugerencia
Your SAML app is configured correctly if you are redirected to DigiCert account and asked to complete two-factor authentication (2FA).
If you are not redirected to the 2FA page in DigiCert account, please compare your app settings to the instructions above or contact DigiCert support for assistance.
DigiCert logos
Use of DigiCert's logo must at all times comply with DigiCert brand guidelines, including the DigiCert Trademark Usage Guidelines available at https://www.digicert.com/legal-repository/ (as updated from time to time).
DigiCert logo's for SSO configuration.