Configuring Single Sign-On (SSO) with Google Apps

Prerequisite - Google Apps Account with Admin Permissions

Google Apps Setup

  • Login to the Admin Portal of your Google Apps Account and go To Apps.

  • You can view a list of Google Apps and Services or existing SAML Applications in App Settings.

  • Once inside SAML Apps, add a new SAML app by clicking on the + icon and select "Setup My Own Custom App"

  • Get the IDP Information i.e. SSO URL, Entity ID and Certificate on the next step. The IDP metadata is required to configure Kumolus to allow access through Google Apps SAML Authentication.

  • On the next step, provide a Name, Description and Logo for the Custom App. This will be used to identify the custom app for everyone on your Google Apps directory

  • Map relevant attributes i.e. Name, Given Name, Role and Email Address to the SAML Application through Attribute Mapping on the next step.
    • For Role Mapping you will have to consider Kumolus Roles and map it to a Custom Field named "Department" in your Google Apps Account. This field is required to assign appropriate access levels in Kumolus CMP.
Attribute Google Apps Field Mapping
Name First Name
Given Name First Name
Role Department
E-Mail Address Primary Email

You can visit the Access Management page to know how to create the Roles in Kumolus and set Allow/Deny permissions for actions based on Department (Role).

  • You can click on Add New Mapping to create additional mappings as requested by the SAML Application.
  • Next, we will use the metadata and mappings to configure Google SSO in Kumolus.

Kumolus Setup

  1. Login to the Kumolus Marketplace
  2. In the Settings menu, Select Appliance

  3. Enter your -

Name Description
EntityID Copy Entity ID obtained from Google Apps Metadata
LoginURL Copy SSO URL from Google Apps Metadata
LogoutURL Copy SSO URL from Google Apps Metadata
Certificate Certificate obtained from Google Apps Metadata

  • Once the above steps are complete, you need to enable the Kumolus SAML App for everyone or Selected Organizations, as per your requirement and you can start accessing Kumolus CMP through your Google Apps/Gmail Login.

  • The new app will be available as a Drop Down in your Organization's Google Apps Menu for all relevant users.

  • Users can click on the Kumolus-SSO app and access the Kumolus Cloud Management Platform.

results matching ""

    No results matching ""