Skip to main content

Configuration of SAML Identity Provider

This document outlines the process for configuring integrated centralised identity and access management control. Key benefits are Single Sign-On experience and possibility to manage organisation users and Willba access in centralised way.

This document outlines step-by-step guide for Google Workspace SAML identity provider configuration. This documentation is relevant for Willba customer company IT person who has access to the company's Google Workspace admin.

The configuration process is divided into following steps.

Step 1: App Setup

  1. Navigate to the Google Workspace Admin Panel.
  2. Select Apps from the side menu, then click on Web and mobile apps.
  3. Click on the Add app button.
  4. In the dropdown menu that appears, select Add custom SAML app.

Create SAML Application

Step 2: App Configuration

  1. Name your new app Willba.
  2. Click Continue to proceed to the next step.
  3. Download the metadata file. This file will be needed for communication between Willba and Google Workspace, so ensure you store it securely.

Download Metadata

  1. Share the downloaded metadata file with your Willba contact person.
  2. Click Continue to move to the next step.

SAML Application Settings

  1. Configure the SAML settings with the following values:
    • ACS URL: https://auth.willba.app/realms/{realm-name}/broker/saml/endpoint
    • Entity ID: https://auth.willba.app/realms/{realm-name}
tip

Replace {realm-name} with the value provided by your Willba contact person.

  1. Map the attributes as follows: firstName, lastName, email (see image below for reference).
  2. Add relevant Google Groups into Group membership mapping. Use App attribute name groups
  3. Click Finish to complete the app configuration.

Set Attributes

tip

Take screenshot(s) of your attribute mappers to share it with your Willba contact person.

Step 3: User Access Setup

  1. Navigate to User Access within the app settings.
  2. Set the application status to ON for everyone.
  3. Click Save to apply the changes.

This process allows all users in your Google Workspace to access Willba via SSO (Single Sign-On) functionality.

You can also specify the organisation unit or group if only some should have access.

Step 4: Finalization

The login will work after the Willba contact person adds the SAML settings to the application.

Make sure to test the setup with a few users to confirm everything is working as expected. If you encounter any issues, please reach out to your Willba contact person.

Documentation for Keycloak SAML settings for Willba contact person.