Google as a SAML Identity Provider

Enable SAML in your Google Workspace. Check Set up your own custom SAML app for more details.
CAUTIONYou need to be a super-admin in the Google Workspace to configure a SAML application.
  • Go to Google, click on Download Metadata in the left sidebar and copy the XML.
  • Select Email as the Name ID format.
  • Select Basic Information > Primary email as the Name ID.
  • Go to Datafold and create a new SSO integration. Navigate to SettingsIntegrationsAdd new integrationSAML.
  • Copy the read-only field Service Provider ACS URL, go to Google and paste it into ACS URL.
  • Copy the read-only field Service Provider Entity ID, go to Google and paste it into Entity ID.
  • Paste the copied XML into Datafold’s Identity Provider Metadata XML field.
  • Click Save to create the integration.
  • (Optional step) Configure the attribute mapping as follows:
    • First Namefirst_name
    • Last Namelast_name