G Suite SSO SAML Integration
As the G Suite user interface may change, this guide has been written to provide a general process for getting up and running.
- First, sign into SimpleMDM and navigate to the SAML integration screen. This is currently under Settings > Users and then the "Settings" tab. This screen provides the information that G Suite will require.
- Select the option in SimpleMDM to enable SAML.
- As a G Suite admin, sign into the G Suite Admin interface. Select the "Apps" option, then "SAML Apps", and finally the "Add a service/app to your domain" link.
- On the resulting screen, select "Setup my own custom app" at the bottom.
- G Suite will provide information about their SAML interface. The "SSO URL" should be copied and pasted into the "Endpoint URL" box within SimpleMDM. The "Certificate" should be downloaded, opened with a text editor, and pasted into the "X.509 fingerprint or certificate" box within SimpleMDM.
- Click "Next" within G Suite.
- G Suite will ask you how you'd like to identify the SimpleMDM app within G Suite. For "Application Name", enter "SimpleMDM" or some variant of your choosing. You may also set a description and a logo for the app if you wish. Click "Next" when finished.
- G Suite will request information about your SimpleMDM account. For "ACS URL", enter the "SAML Consumer URL" provided within SimpleMDM. For "Entity ID", enter "SimpleMDM". For "Start URL", enter the "Sign in Portal URL" value. Click "Next" once finished.
- The resulting screen can be skipped. Click "Finish".
- On the next screen within G Suite, click the more options button (currently designated as three stacked dots) to enable the SAML app for your domain.
- Within the SimpleMDM interface, complete the remainder of the options and click the "Save" button at the bottom of the screen.