This guide will walk you through how to setup Single Sign-On between Expiration Reminder and Google Workspace (formerly G Suite).
Setting up Google Workspace
To configure Google Workspace, first get the certificate information from Google Workspace. For this, click on the main menu in Google Workspace top left corner, click on Security and then on Settings.
Then click on Set up single-on (SSO) for SAML applications
From the identity provider details, you'll need:
Configuring SSO in Expiration Reminder
To configure SSO in your Expiration Reminder account, on the top menu click on Your Name in the top-right corner, then on Settings from the drop-down menu.
Then click on Features on the left menu.
Then click on Configure SSO/SAML.
In the SSO screen configure the following fields:
Issuer: this is usually the Entity ID in G Suite. by your directory provider. If possible, Expiration Reminder will try to get the sign on url, the sign out url and the certificate automatically from this metadata url.
Single Sign On (SSO) url: this is the url users will be redirected to for login in. In G Suite this is the SSO URL.
Single Log Out (SLO) url: this is the url provided by your Identity Provider for signing out.
X.509 certificate: this is the certificate provided by your Identity Provider to authenticate the login request. This is the Certificate 1 in G Suite.
Enable for Users: This will allow users in Expiration Reminder to be able to use SSO to login to the application. They’ll still be able to use their own Expiration Reminder password if they’d like to.
Enforce SSO login: This option will prevent users from using their Expiration Reminder password to login and will force them to use the credentials from the Identity Provider.
Click Update to save your settings.
For setting up the SSO on Google Workspace/G Suite using Expiration Reminder's information:
The ACS URL is: https://app.expirationreminder.net/sso/metadata
The Entity ID is: https://www.expirationreminder.net/