How to enable SSO and use G Suite as Identity Provider

Here is the step-by-step process to set up single sign-on (SSO) and configure G Suite as the identity provider for your UTunnel Organization account.

Enabling SSO and G Suite

1. To activate SSO and use G Suite as the identity provider on your UTunnel organization account, navigate to your Organization dashboard, and select the Organization tab.

How to enable SSO and use G Suite as identity provider navigate to Users within Organization tab

2. Navigate to the Single Sign On and then click on the G Suite option. Select the Enable G Suite checkbox to enable G Suite as your identity provider. Keep this page handy as you will need the ACS URL and Entity ID from here. 

How to enable SSO and use G Suite as identity provider enable G-suite in the UTunnel

 

G Suite Configuration

1. Now, you have to perform configurations at G Suite. Sign in to https://admin.google.com/ with your G Suite account. Navigate to the menu, and select Apps.

How to enable SSO and use G Suite as identity provider navigate to Apps in the Admin Console

2. Select SAML Apps.

How to enable SSO and use G Suite as identity provider select SAML Apps

3. Click on the Add App.

How to enable SSO and use G Suite as identity provider click Add App

4. Select Add Custom SAML app.

How to enable SSO and use G Suite as identity provider select Add Custom SAML app

5. In the App details screen, enter your preferred name. We recommend using UTunnel VPN as the App name for easy understanding. Click on CONTINUE to proceed.

How to enable SSO and use G Suite as identity provider provide a display name

6. In the Google Identity Provider details screen, you will get two options. We recommend you to go for the first option to download the METADATA file and ignore option 2. Download the file. Click on the Continue button.

How to enable SSO and use G Suite as identity provider opt the first option and download the metadata file

7. Proceed to your UTunnel account dashboard and upload Metadata File into the corresponding field. Then, click on SAVE CHANGES.

How to enable SSO and use G Suite as identity provider upload metadata in the UTunnel

8. In the Service provider details screen, you can find two options ACS URL and Entity ID. You have to enter the details obtained in step #2 in the corresponding fields. Click on the CONTINUE button.

How to enable SSO and use G Suite as identity provider fill in ACS URL and Entity ID in the corresponding fields

9. Next step is to configure SAML attributes. Click on ADD MAPPING button to add each field.

How to enable SSO and use G Suite as identity provider click ADD MAPPING button to each SAML attribute field

10.  Set the SAML attributes as follows.  Please note that these attributes are case-sensitive. Once done click Finish.

Google Directory Attributes

App attributes

First name

FirstName

Last name

LastName

Primary email

Email

How to enable SSO and use G Suite as identity provider configure SAML attributes and click finish

11. That's it. G Suite integration is complete now. Users with active G Suite login and necessary privileges will be able to login to your organization's UTunnel dashboard. However, the organization owner will be required to log in with his registered email and password, and not with a G Suite account.

Popular Support Articles

How to enable SSO and use Okta as Identity Provider

How to enable user provisioning on a server

How to Convert an Organization From Non-SSO to SSO

How to Add Users to an Organization

How to enable SSO and integrate with OneLogin

How to signup as Organization