Configuring SSO with Google

warning

Before performing SSO configuration, make sure that the value of the domain parameter in the config.ini configuration file is the current domain name of the Passwork server.

This is necessary so that IDP can download the https://<your-passwork>/sso/metadata file from your server. Your server must be configured to run over HTTPS protocol.

Example parameter in config.ini: domain = https://passwork.example.com

Go to Apps → Web and mobile apps in Google Admin Console.

Click Add app and choose Add custom SAML app.

Enter the name for your app and click Continue.

Go to** Passwork account settings**, open SSO settings and toggle SSO on:

Copy the SAML certificate and paste it into the corresponding field in Passwork settings:

Likewise, copy and paste the following fields into Passwork:

Copy the following fields from Passwork into Service provider details fields in Google Workspace:

Skip the Attribute mapping step and click Finish

On the page of the app you created, set the access to ON for everyone or use organizational groups to manage access.

info

Only whitelisted users will be aple to authenticate in the app

Click SSO Login on Passwork's authorization page and test the configuration.

info

You may encounter the app_not_configured_for_user error even if a user was whitelisted, since updating permissions in Google takes some time.

---