Skip to main content

SAML and Single Sign On

Set up Google G-Suite as your SAML Identity Provider

Here's a walk-through of setting up Google G-suite as your SAML Identity Provider. This allows your team to log into Zenduty without a new email/password combination, they just log in to your Google account.

  1. As an administrator on your Google account, go to the admin portal and click through to Apps > Web and Mobile Apps.

  2. Click on Add Apps > Add custom SAML Apps.

  3. In the Basic information for your Custom App, set 'Zenduty' as the Application Name. Grab the logo from here and upload. Add some descriptive information about the new SAML app. This is used to identify the app for everyone on your Google Apps domain. Click on Continue.

  4. In the Google IDP information page - open a notepad on your system, copy and paste the SSO URL and the Entity ID. Download the Certificate. Click on Continue.

  5. In the Service Provider Details page, copy the URL - https://www.zenduty.com/api/account/saml/acs/ and paste it into the ACS URL field in Google settings.

  6. Enter - https://www.zenduty.com - for the Entity ID field.

  7. For the Name ID fields, select Basic Information > Primary Email. For the Name ID Format field, select Unspecified and click Next.

  8. In the Attribute mapping page, click on ADD MAPPING and add the attributes below.

    email -> Basic Information (Primary Email)
    first_name -> Basic Information (First Name)
    last_name -> Basic Information (Last Name)
    

  9. Click on Finish to finish the SAML app setup.

  10. You will be redirected to the newly created Zenduty SAML application page. Click on the User Access section. Select the users or groups that you would like to access Zenduty via SAML(including yourself).

  11. Log into your Zenduty account as the account owner. On the top right corner, click on the drowdown under your name and click on Account. On the left panel, click on Single Sign On.

  1. In the SSO form, select Google SSO under Select SSO Provider

  2. In SAML endpoint input, paste the SSO URL you saved from Step 5. In SAML Entity ID input, paste Entity ID you saved from Step 5. Open the certificate you downloaded from Step 4 in a text editor. In the Certificate input, paste the certificate.

  3. Click on Save Integration to complete your SSO setup!

Disable password login for non-admin users

To disable password login for non-admin users, you can toggle the "Allow Email and Password login for users" setting in the SSO configuration