Note: This is a customized version of the general G-Suite SAML setup guide found here.
- Sign in to your Google Admin console using an administrator account.
- From the Admin console Home page, go to Apps > SAML Apps.
- Click Add (plus) button at the bottom right.
- Click Set up my own custom app.
The Google IDP Information window opens and the SSO URL and Entity ID fields automatically populate. There will also be a download button for G Suite’s certificate.
- In a separate browser tab or window, sign in to Businessmap with an administrator account.
- Open the Administration panel from the button in the upper right.
- Go to Integrations > Applications and click Configure on Single Sign-On.
- In IdP Entity Id (first field) enter the value of Entity ID (second field) from step 4.
- In IdP Login Endpoint (second field) enter the value of SSO URL (first field) from step 4.
- In G Suite’s tab download the certificate and open it in a text editor.
- Copy the text of the certificate (without the prefix and suffix) and paste it in IdP X.509 Certificate in Businessmap.
- In Attribute name for Email enter EmailAddress.
- (optional) In Attribute name for First Name enter FirstName.
- (optional) In Attribute name for Last Name enter LastName.
Note: These fields represent the names of the attributes that hold the user’s first and last name. This information is utilized when a user logs in for the first time in Businessmap. An account is automatically provisioned for that user and, if the above-mentioned attributes are present, the user’s name will be filled in the account. You can find out more about user provisioning with SSO in Businessmap here.
- (optional) Check Enable login with both SSO and Businessmap. This will enable you to still log in with your Businessmap credentials from https://kanbanize.com/user-login/ in case the SSO configuration is not successful. You can later disable this option.
- Click on Save Settings.
- Turn on the integration by clicking the toggle next to Single Sign-On on the left.
- Back in G-Suite’s tab press Next.
- Enter Businessmap for Application Name.
- (optional) Enter a description of the app for your team.
- (optional) Upload a logo. You can use this one:
- Press Next.
- In ACS URL enter https://<subdomain>.kanbanize.com/saml/acs
(replace <subdomain> with your company’s custom Businessmap subdomain, e.g. https://yourcompany.kanbanize.com/saml/acs)
- In Entity ID enter https://<subdomain>.kanbanize.com/
(make sure you don’t omit the / at the end)
- For Start URL enter https://<subdomain>.kanbanize.com/ctrl_login/finish_saml_login
- In the end, the configuration window should look like this:
Leave the other fields unchanged and press Next.
- On the next screen, click Add New Mapping, enter EmailAddress and select Basic Information and Primary Email.
- (optional) Click Add New Mapping, enter FirstName, and select Basic Information and First Name.
- (optional) Click Add New Mapping, enter LastName and select Basic Information and Last Name.
- Click Finish on this and OK on the next window.
- With the newly created app selected click Edit Service in the upper right corner.
- Select the appropriate organizational unit, set Service status to On for everyone, and click Save. (more info on G-Suite user provisioning can be found here)
- Done! You are ready to give your new SSO integration a test run.