Who can set up SSO with Google Cloud
This can be done by an Admin or an IT person in your company.
How to set up SSO with Google Cloud
Create application
1. Login to the Google admin panel and click “Add app” > “Add custom SAML app”
2. Provide an app name (Moss) and click "Continue"
Configure Moss
We need to copy two URLs from the Google panel into the Moss settings page. The certificate is used to check the SAML request validity.
Copy the following URLs (SSO URL and Entity ID) and download the certificate.
Open Moss > click on "Settings" > "SAML SSO" > "Edit configuration"
Paste the URLs and upload the certificate to Moss
Enable the “SAML SSO” toggle button at the top.
Configure Google
By copying the following parameters Google can check if the expected service is going to use identity service and you can check if it works.
Open Moss > click on “Settings” > “SAML SSO”
Copy the parameters “SP entity ID” and “SP ACS URL” paste them into Google
User attributes
In the next step we need to ensure that the needed user attributes are being exposed to Moss.
1. Select the following mapping:
Needed to match user to Moss account
Needed for card creation
Needed for 3DS (Optional - Alternatively, users will need to fill in their phone number by themselves once they have access to Moss)
2. Make sure that the mentioned links above have been copied correctly into Google and click “Save”
Assign users
Finally, we need to specify what users / user groups are allowed to login to the Moss app.
Edit the section and select “User Access” and turn it on for everyone or select a subset or group.
