Administration
SSO settings

Configuring SSO with Google

2min

Before performing SSO configuration, make sure that the value of the domain parameter in the config.ini configuration file is the current domain name of the Passwork server. This is necessary so that IDP can download the https://<your-passwork>/sso/metadata file from your server. Your server must be configured to run over HTTPS protocol. Example parameter in config.ini: domain = https://passwork.example.com

1

Go to AppsWeb and mobile apps in Google Admin Console.

Document image

Document image

2

Click Add app and choose Add custom SAML app.

Document image

3

Enter the name for your app and click Continue.

Document image

4

Go to Passwork account settings, open SSO settings and toggle SSO on:

Document image

5

Copy the SAML certificate and paste it into the corresponding field in Passwork settings:

Document image

Document image

6

Likewise, copy and paste the following fields into Passwork:

Document image

Document image

7

Copy the following fields from Passwork into Service provider details fields in Google Workspace:

Document image

Document image

8

Skip the Attribute mapping step and click Finish

Document image

9

On the page of the app you created, set the access to ON for everyone or use organizational groups to manage access.

Document image


Only whitelisted users will be aple to authenticate in the app

10

Click SSO Login on Passwork's authorization page and test the configuration.

Document image


You may encounter the app_not_configured_for_user error even if a user was whitelisted, since updating permissions in Google takes some time.