SAML for JustLogin Using Google Workspace

Introduction 

SAML or Security Assertion Markup Language is an identification process that allows you to login into multiple websites by just using one login credential. This creates ease of access and managing multiple login details for emails, CRMs, and other services will be more efficient.

This guide is separated into 2 major portions and each will need to be completed for the feature to work seamlessly for your JustLogin account

 

Terms to remember:

Identity Provider (IdP) – stores and authenticates the user’s credentials and sends data to the Service Provider. An example of IdP is Microsoft Azure Active Directory

Service Provider (SP) – These are the software that we use to perform our work-related tasks, like JustLogin, SalesForce, QBO, Dropbox, etc.

 

NOTE: For SAML to work, the usernames must be the email address. This is the only format that the system recognizes as the unique identifier. If you need to modify the usernames in your system and is unable to do so, please contact our support team: support@justlogin.com 

 

Part 1 – Enabling SAML on Service Provider (JustLogin)

The steps shown below is an example of how to setup JustLogin with Microsoft Azure AD

Step 1: Log in to your account

Step 2: Go to UserAdmin

mceclip4.png

Step 3: Head to the mceclip5.png tab at the top

Step 4: Click on the SSO sub-tab

mceclip6.png

Step 5: The page you will see next is similar to below:

mceclip7.png

Step 6: Toggle the slider to enable SAML mceclip8.png

Step 7: The information on this portion is already set as a default upon enabling the SAML feature for your JustLogin account (Service Provider).

mceclip9.png

Step 8: On the right column are information that needs to be completed. These are data that can be taken from your identity provider (IdP), in this case Google Workspace

mceclip10.png

Part 2 – Setting up JLI on Google Workspace

Step 1: Log in to admin.google.com (You must be the admin of your company’s Google Workspace account)

Step 2: The page below is what you will see next:

mceclip0.png

Step 3: Click on the menu icon in the upper left corner of the page:

mceclip1.png

Step 4: Click on Apps and then SAML apps

mceclip2.png

Step 5: Go to Add App. This is where you can add the other service providers your company is using

mceclip3.png

Step 6: Click on Add custom SAML app

mceclip4.png

Step 7: On the next page, you will need to complete the fields accordingly:

mceclip5.png

App Name – Input JustLogin

App Icon – You can upload the logo of JustLogin into this field

 

Step 8: Click on Continue

mceclip6.png

Step 9: The information that you will see on the next page are what needs to be input into the page in Part 1 of this guide

mceclip7.png

Step 10: Click on the “copy” icon for the SSO URL

mceclip8.png

Step 11: Download the Certificate by clicking on the download icon

mceclip9.png

Step 12: Go back to the JustLogin SAML/SSO setup page (Do steps 1-5 of Part 1)

mceclip10.png

Step 13: Paste what you have just copied (SSO URL) into these fields:

mceclip11.png

Step 14: For the certificate, click on the box and upload the certificate you have just downloaded

NOTE: If the file extension is .pem, please rename it to .cer

mceclip12.png

 

Step 15: If the certificate has been successfully uploaded, you should be able to see this on your screen:

mceclip13.png

Step 16: Click on mceclip14.png . This completes the setup in JustLogin.

 

Step 17: Go back to the Google Workspace Admin page. We will need to complete the details for the setup on your Google Workspace.

 

Step 18: From the Add SAML app page, click on continue

mceclip15.png

Step 19: The next page needs to be completed with information from JustLogin SSO setup

mceclip16.png

Step 20: For the entity ID field, copy the information from the JustLogin SSO setup page:

From here, copy:

mceclip17.png
To this field, paste:

mceclip18.png

Step 21: For the ACS URL, copy the information from the JustLogin SSO setup page:

From here, copy:

mceclip19.png

To this field, paste:

mceclip20.png

Step 22: The rest of the fields are optional, and can be left blank

mceclip21.png

Step 23: Click on mceclip22.png

Step 24: On the next page, just click on mceclip23.png

Step 25: You should be able to see JustLogin added as a SAML app on your Google Workspace

mceclip24.png

Notice that under the user access column it’s set to OFF for everyone. This is set as a default by Google and we will need to enable it for everyone

  1. Click on mceclip25.png
  2. On the next page, this is what you’ll see mceclip26.png
  3. Click on View Details mceclip27.png
  4. And then choose ON for Everyone mceclip28.png
  5. Click on mceclip29.png

Once done, each of the users in your Google Workspace account will be able to see JustLogin in their app drawer:

mceclip30.png

If the user clicks on the JustLogin icon, another tab will be opened for JustLogin and they are automatically logged in. No need to log in or input their login details.

Was this article helpful?
2 out of 3 found this helpful