Implement GSuite Single Sign-On
This article explains how to implement Single Sign-On (SSO) from GSuite into Cezanne HR using SAML 2.0.
- Log in to the GSuite Admin Console - https://admin.google.com
- Navigate to: Apps >> SAML Apps
- Select the '+' button in the bottom right corner:
- Select Setup My Own Custom App.
![](https://media.screensteps.com/image_assets/assets/001/319/961/original/94358c25-f494-4a82-bc8c-94f307076dda.png)
- Copy the SSO URL and Entity ID.
- Download the Certificate (Not the IDP Metadata).
- Click Next.
![](https://media.screensteps.com/image_assets/assets/001/319/975/original/57adc706-646e-4753-9ea5-3a1ffb365d2c.png)
- Enter an Application Name (e.g. Cezanne).
- (Optional) Upload a logo.
- Click Next.
![](https://media.screensteps.com/image_assets/assets/001/319/957/original/45c350ce-da28-4c65-aabc-d172be62bed0.png)
- Enter 'https://w3.cezanneondemand.com:443/cezanneondemand/-/<TenantID>/Saml/samlp' as ACS URL.
- Enter 'https://w3.cezanneondemand.com/CezanneOnDemand/' as Entity ID.
- Enter 'https://w3.cezanneondemand.com:443/cezanneondemand/-/<TenantID>' as Start URL.
- Leave the other settings as default and click Next.
![](https://media.screensteps.com/image_assets/assets/001/319/959/original/6adc453f-aec1-43c7-98b2-3becf1386412.png)
- On the next screen, just click Finish.
- Decide who to give access to:
![](https://media.screensteps.com/image_assets/assets/001/319/976/original/c68f725a-3329-4ad2-8561-1998d043185d.png)
- Log in to Cezanne as an HR Professional.
- Navigate to: System Setup >> Security Settings >> Single Sign-On Configuration.
- Check SAML2.0 and select the 'Advanced Configuration' option beside it.
- Click Add New.
![](https://media.screensteps.com/image_assets/assets/001/319/969/original/fb456508-aa6c-4567-a38d-0d6ab81bc9a5.png)
- Enter 'GSuiteSAML' as the Display Name.
- Change the SAML Binding to 'POST'.
- The Entity Identifier should be set the same as the Entity ID value from Section 1: Step 5.
- The Security Token Service Endpoint should be set the same as the SSO URL value from Section 1: Step 5.
- Download the certificate provide by the SSO setup from section 1: Step 6. Change the extension from .pem to .cer This can now be uploaded into cezanne using the Public Key Certificate field.
- Click Save and Close.
![](https://media.screensteps.com/image_assets/assets/001/319/971/original/3e7b56c0-6612-4f48-a848-a8bd06b367b9.png)
- Navigate to the Login page for Cezanne.
- Click the Enterprise log In button.
![](https://media.screensteps.com/image_assets/assets/001/319/980/original/3cf2ace8-202d-43ff-8fda-20d4160bd601.png)
- Select the GSuiteSAML icon.
![](https://media.screensteps.com/image_assets/assets/001/319/978/original/10c60cb0-d74f-4102-b34f-a79dcbc16c0a.png)
- This should redirect to the GSuite login page to enter your corporate credentials.