This guide will walk you through how to setup Single Sign-On between Expiration Reminder and G Suite.
Setting up G Suite
To configure G Suite, first get the certificate information from G Suite. For this, click on the main menu in G Suite top left corner, click on Security and then on Settings.
Then click on Set up single-on (SSO) for SAML applications
From the identity provider details, you'll need:
SSO URL
Entity ID
Certificate
Configuring SSO in Expiration Reminder
To configure SSO in your Expiration Reminder account, on the top menu click on Your Account, then on Settings.
Then click on Features on the left menu.
Then click on Configure SSO/SAML.
In the SSO screen configure the following fields:
Issuer: this is usually the Entity ID in G Suite. by your directory provider. If possible, Expiration Reminder will try to get the sign on url, the sign out url and the certificate automatically from this metadata url.
Single Sign On (SSO) url: this is the url users will be redirected to for login in. In G Suite this is the SSO URL.
Single Log Out (SLO) url: this is the url provided by your Identity Provider for signing out.
X.509 certificate: this is the certificate provided by your Identity Provider to authenticate the login request. This is the Certificate 1 in G Suite.
Enable for Users: This will allow users in Expiration Reminder to be able to use SSO to login to the application. They’ll still be able to use their own Expiration Reminder password if they’d like to.
Enforce SSO login: This option will prevent users from using their Expiration Reminder password to login and will force them to use the credentials from the Identity Provider.
Click Update to save your settings.
For setting up the SSO on Google G Suite using Expiration Reminder's information:
The ACS URL is: https://app.expirationreminder.net/sso/metadata
The Entity ID is: https://www.expirationreminder.net/