Implement GSuite Single Sign-On
This article explains how to implement Single Sign-On (SSO) from GSuite into Cezanne HR using SAML 2.0.
- Log in to the GSuite Admin Console - https://admin.google.com
- Navigate to: Apps >> SAML Apps
- Select the '+' button in the bottom right corner:
- Select Setup My Own Custom App.
- Copy the SSO URL and Entity ID.
- Download the Certificate (Not the IDP Metadata).
- Click Next.
- Enter an Application Name (e.g. Cezanne).
- (Optional) Upload a logo.
- Click Next.
- Enter 'https://w3.cezanneondemand.com:443/cezanneondemand/-/<TenantID>/Saml/samlp' as ACS URL.
- Enter 'https://w3.cezanneondemand.com/CezanneOnDemand/' as Entity ID.
- Enter 'https://w3.cezanneondemand.com:443/cezanneondemand/-/<TenantID>' as Start URL.
- Leave the other settings as default and click Next.
- On the next screen, just click Finish.
- Decide who to give access to:
- Log in to Cezanne as an HR Professional.
- Navigate to: System Setup >> Security Settings >> Single Sign-On Configuration.
- Check SAML2.0 and select the 'Advanced Configuration' option beside it.
- Click Add New.
- Enter 'GSuiteSAML' as the Display Name.
- Change the SAML Binding to 'POST'.
- The Entity Identifier should be set the same as the Entity ID value from Section 1: Step 5.
- The Security Token Service Endpoint should be set the same as the SSO URL value from Section 1: Step 5.
- Download the certificate provide by the SSO setup from section 1: Step 6. Change the extension from .pem to .cer This can now be uploaded into cezanne using the Public Key Certificate field.
- Click Save and Close.
- Navigate to the Login page for Cezanne.
- Click the Enterprise log In button.
- Select the GSuiteSAML icon.
- This should redirect to the GSuite login page to enter your corporate credentials.