Google Workspace Single Sign-On via SAML
  • 04 Dec 2023
  • 1 Minute to read
  • Dark
    Light
  • PDF

Google Workspace Single Sign-On via SAML

  • Dark
    Light
  • PDF

Article Summary

Using Security Assertion Markup Language (SAML), your users can use their Google Cloud credentials to sign into Dialpad.

Let's dive into the details.

Who can use this feature

Dialpad's Google Workspace SAML integration is available on our Standard, Pro, and Enterprise plans.

If you're on a Standard or Pro level plan, you'll need to contact Customer Support to enable this feature. 

You must be signed to Google Workspace as a Super Admin to configure this integration.

Configure Google Workspace SSO SAML

First, you'll need to configure SSO with Google as SAML IdP. 

From your Google Admin Portal:

  1. Select Security
  2. Select Authentication
  3. Select SSO with SAML applications
  4. Copy the SSO URL and Entity ID
    1. You will need these details when configuring your Service Provider (SP)

  5. Select ADD CERTIFICATE
  6. Copy the certificate
    1. You will need the certificate details when configuring your Service Provider (SP)

Set up Dialpad as a SAML 2.0 Service Provider (SP)

Next, it's time to set up Dialpad as a SAML 2.0 Service Provider. 

  1. Go to https://dialpad.com/authentication/saml 
  2. Select Google from the list of providers
  3. Enter the SSO URL and Entity ID in the appropriate fields
  4. Paste the copied X.509 Certificate into the Certificate box
    • Remove “BEGIN” and “END CERTIFICATE” 
  5. Select Save

Set up Google Workspace as a SAML Identity Provider (IdP)

Now it's time to set up Google Workspace as a SAML Identity Provider.

From the Google Admin Portal:

  1. Select Apps
  2. Select Web and mobile apps
  3. Select the Add app, then Search for apps
     
  4. Enter Dialpad
  5. Select Dialpad Web (SAML)
  6. Navigate to Option 2 and enter the SSO URL, Entity ID and Certificate saved from Step 1
  7. Select Continue 
  8.  Enter the following Dialpad-specific provider details
    1. ACS URL: https://dialpad.com/saml/sso/google/your-domain.com
    2. Entity ID: https://dialpad.com/api/saml/metadata/google/your-domain.com
    3. Start URL: https://dialpad.com
    4. Leave the Signed Response box unchecked
      1. When the Signed Response box is unchecked, only the assertion is signed
      2. When the Signed Response box is checked, the entire response is signed 
    5. Set the NameID Format to Transient 
    6. Set the Name ID as the primary email 
  9. Select Continue
  10. Navigate to Attribute Mapping
  11. In the Basic Information category:
    1. Provide the "Primary Email" [Email], "First Name" [FirstName], and "Last Name" [LastName] 
    2. Select Finish

Turn on SSO for Dialpad 

Now it's time to turn on SSO for your Dialpad App

From the Google Admin console:

  1. Navigate to Apps
  2. Select Web and mobile apps
  3. Select Dialpad
  4. Select User Access
  5. Select On for everyone
  6. Select Save

Verify SSO is working between Google Workspace and Dialpad

Now it's time to do a final check and verify that SSO works between Google Workspace and Dialpad.

  1. Open https://dialpad.com/saml/login/google/your-domain.com  
    1. or, head to https://dialpad.com/login and select Log in with another provider
  2. Enter your company domain, then select Next

That's it! You'll be redirected to Google for authentication and then automatically redirected back to Dialpad.



Was this article helpful?