Introduction
SAML or Security Assertion Markup Language is an identification process that allows you to login into multiple websites by just using one login credential. This creates ease of access and managing multiple login details for emails, CRMs, and other services will be more efficient.
This guide is separated into 2 major portions and each will need to be completed for the feature to work seamlessly for your JustLogin account
Terms to remember:
Identity Provider (IdP) – stores and authenticates the user’s credentials and sends data to the Service Provider. An example of IdP is Microsoft Azure Active Directory
Service Provider (SP) – These are the software that we use to perform our work-related tasks, like JustLogin, SalesForce, QBO, Dropbox, etc.
NOTE: For SAML to work, the usernames must be the email address. This is the only format that the system recognizes as the unique identifier. If you need to modify the usernames in your system and is unable to do so, please contact our support team: support@justlogin.com
Part 1 – Enabling SAML on Service Provider (JustLogin)
The steps shown below is an example of how to setup JustLogin with Microsoft Azure AD
Step 1: Log in to your account
Step 2: Go to UserAdmin
Step 3: Head to the tab at the top
Step 4: Click on the SSO sub-tab
Step 5: The page you will see next is similar to below:
Step 6: Toggle the slider to enable SAML
Step 7: The information on this portion is already set as a default upon enabling the SAML feature for your JustLogin account (Service Provider).
Step 8: On the right column are information that needs to be completed. These are data that can be taken from your identity provider (IdP), in this case Google Workspace
Part 2 – Setting up JLI on Google Workspace
Step 1: Log in to admin.google.com (You must be the admin of your company’s Google Workspace account)
Step 2: The page below is what you will see next:
Step 3: Click on the menu icon in the upper left corner of the page:
Step 4: Click on Apps and then SAML apps
Step 5: Go to Add App. This is where you can add the other service providers your company is using
Step 6: Click on Add custom SAML app
Step 7: On the next page, you will need to complete the fields accordingly:
App Name – Input JustLogin
App Icon – You can upload the logo of JustLogin into this field
Step 8: Click on Continue
Step 9: The information that you will see on the next page are what needs to be input into the page in Part 1 of this guide
Step 10: Click on the “copy” icon for the SSO URL
Step 11: Download the Certificate by clicking on the download icon
Step 12: Go back to the JustLogin SAML/SSO setup page (Do steps 1-5 of Part 1)
Step 13: Paste what you have just copied (SSO URL) into these fields:
Step 14: For the certificate, click on the box and upload the certificate you have just downloaded
NOTE: If the file extension is .pem, please rename it to .cer
Step 15: If the certificate has been successfully uploaded, you should be able to see this on your screen:
Step 16: Click on . This completes the setup in JustLogin.
Step 17: Go back to the Google Workspace Admin page. We will need to complete the details for the setup on your Google Workspace.
Step 18: From the Add SAML app page, click on continue
Step 19: The next page needs to be completed with information from JustLogin SSO setup
Step 20: For the entity ID field, copy the information from the JustLogin SSO setup page:
From here, copy:
To this field, paste:
Step 21: For the ACS URL, copy the information from the JustLogin SSO setup page:
From here, copy:
To this field, paste:
Step 22: The rest of the fields are optional, and can be left blank
Step 23: Click on
Step 24: On the next page, just click on
Step 25: You should be able to see JustLogin added as a SAML app on your Google Workspace
Notice that under the user access column it’s set to OFF for everyone. This is set as a default by Google and we will need to enable it for everyone
- Click on
- On the next page, this is what you’ll see
- Click on View Details
- And then choose ON for Everyone
- Click on
Once done, each of the users in your Google Workspace account will be able to see JustLogin in their app drawer:
If the user clicks on the JustLogin icon, another tab will be opened for JustLogin and they are automatically logged in. No need to log in or input their login details.