Google SSO with SAML

Connect Catalog to Google Workspace using Single sign-on (SSO) with SAML. This guide walks you through registering a SAML app in Google Workspace and configuring it in Catalog.

Prerequisites

Before you begin, ensure you have the right access. You must be an administrator or have security privileges on your company’s Google Workspace.

Setup Your Google Workspace

Configure the SAML app in your Google Workspace admin console.

1. In your Google Workspace admin console, go to Apps > Web and mobile apps and click Add custom SAML app.

   

2. In App details, add the app name.

   

3. In Google Identity Provider details, you'll see Option 2: Copy the SSO URL, entity ID, and certificate. Save the SSO URL and certificate for later.

   

4. In Service provider details, set the ACS URL to:

   1. https://api.castordoc.com/auth/saml/callback for accounts using app.castordoc.com
   2. https://api.us.castordoc.com/auth/saml/callback for accounts using app.us.castordoc.com

5. Set the entity_id to production-castorSAML.

   

6. In Attribute mapping, add these attributes in the exact format below so Catalog can read them.

   1. First name = firstName
   2. Last name = lastName
   3. Primary email = email
   

Add to Catalog

Enter the SSO credentials you saved in Catalog.

1. In Catalog, go to Settings > Authentication.
2. Enter the SSO URL and Certificate.